2.1

CVE-2010-0547

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.

Data is provided by the National Vulnerability Database (NVD)
SambaSamba Version <= 3.4.5
SambaSamba Version1.9.17
SambaSamba Version1.9.17 Updatep1
SambaSamba Version1.9.17 Updatep2
SambaSamba Version1.9.17 Updatep3
SambaSamba Version1.9.17 Updatep4
SambaSamba Version1.9.17 Updatep5
SambaSamba Version1.9.18
SambaSamba Version1.9.18 Updatep1
SambaSamba Version1.9.18 Updatep10
SambaSamba Version1.9.18 Updatep2
SambaSamba Version1.9.18 Updatep3
SambaSamba Version1.9.18 Updatep4
SambaSamba Version1.9.18 Updatep5
SambaSamba Version1.9.18 Updatep6
SambaSamba Version1.9.18 Updatep7
SambaSamba Version1.9.18 Updatep8
SambaSamba Version2.2.0
SambaSamba Version2.2.0a
SambaSamba Version2.2.1
SambaSamba Version2.2.1a
SambaSamba Version2.2.2
SambaSamba Version2.2.3
SambaSamba Version2.2.3a
SambaSamba Version2.2.4
SambaSamba Version2.2.5
SambaSamba Version2.2.6
SambaSamba Version2.2.7
SambaSamba Version2.2.7a
SambaSamba Version2.2.8
SambaSamba Version2.2.8a
SambaSamba Version2.2.9
SambaSamba Version2.2.10
SambaSamba Version2.2.11
SambaSamba Version2.2.12
SambaSamba Version2.2a
SambaSamba Version3.0.0
SambaSamba Version3.0.1
SambaSamba Version3.0.2
SambaSamba Version3.0.2a
SambaSamba Version3.0.3
SambaSamba Version3.0.4
SambaSamba Version3.0.4 Updaterc1
SambaSamba Version3.0.5
SambaSamba Version3.0.6
SambaSamba Version3.0.8
SambaSamba Version3.0.9
SambaSamba Version3.0.10
SambaSamba Version3.0.11
SambaSamba Version3.0.12
SambaSamba Version3.0.13
SambaSamba Version3.0.14
SambaSamba Version3.0.14a
SambaSamba Version3.0.20
SambaSamba Version3.0.20a
SambaSamba Version3.0.20b
SambaSamba Version3.0.21
SambaSamba Version3.0.21a
SambaSamba Version3.0.21b
SambaSamba Version3.0.21c
SambaSamba Version3.0.22
SambaSamba Version3.0.23
SambaSamba Version3.0.23a
SambaSamba Version3.0.23b
SambaSamba Version3.0.23c
SambaSamba Version3.0.23d
SambaSamba Version3.0.24
SambaSamba Version3.0.25
SambaSamba Version3.0.25 Updatepre1
SambaSamba Version3.0.25 Updatepre2
SambaSamba Version3.0.25 Updaterc1
SambaSamba Version3.0.25 Updaterc2
SambaSamba Version3.0.25 Updaterc3
SambaSamba Version3.0.25a
SambaSamba Version3.0.25b
SambaSamba Version3.0.25c
SambaSamba Version3.0.26
SambaSamba Version3.0.26a
SambaSamba Version3.0.27
SambaSamba Version3.0.27a
SambaSamba Version3.0.28
SambaSamba Version3.0.28a
SambaSamba Version3.0.29
SambaSamba Version3.0.30
SambaSamba Version3.0.31
SambaSamba Version3.0.32
SambaSamba Version3.0.33
SambaSamba Version3.0.34
SambaSamba Version3.0.35
SambaSamba Version3.0.36
SambaSamba Version3.0.37
SambaSamba Version3.2.0
SambaSamba Version3.2.1
SambaSamba Version3.2.2
SambaSamba Version3.2.3
SambaSamba Version3.2.4
SambaSamba Version3.2.5
SambaSamba Version3.2.6
SambaSamba Version3.2.7
SambaSamba Version3.2.8
SambaSamba Version3.2.9
SambaSamba Version3.2.10
SambaSamba Version3.2.11
SambaSamba Version3.2.12
SambaSamba Version3.2.13
SambaSamba Version3.2.14
SambaSamba Version3.2.15
SambaSamba Version3.3.0
SambaSamba Version3.3.1
SambaSamba Version3.3.2
SambaSamba Version3.3.3
SambaSamba Version3.3.4
SambaSamba Version3.3.5
SambaSamba Version3.3.6
SambaSamba Version3.3.7
SambaSamba Version3.3.8
SambaSamba Version3.3.9
SambaSamba Version3.3.10
SambaSamba Version3.4.0
SambaSamba Version3.4.1
SambaSamba Version3.4.2
SambaSamba Version3.4.3
SambaSamba Version3.4.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.11% 0.774
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.