5

CVE-2011-0719

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.

Data is provided by the National Vulnerability Database (NVD)
SambaSamba Version3.0.0
SambaSamba Version3.0.1
SambaSamba Version3.0.2
SambaSamba Version3.0.2 Updatea
SambaSamba Version3.0.2a
SambaSamba Version3.0.3
SambaSamba Version3.0.4
SambaSamba Version3.0.4 Updaterc1
SambaSamba Version3.0.5
SambaSamba Version3.0.6
SambaSamba Version3.0.7
SambaSamba Version3.0.8
SambaSamba Version3.0.9
SambaSamba Version3.0.10
SambaSamba Version3.0.11
SambaSamba Version3.0.12
SambaSamba Version3.0.13
SambaSamba Version3.0.14
SambaSamba Version3.0.14 Updatea
SambaSamba Version3.0.14a
SambaSamba Version3.0.15
SambaSamba Version3.0.16
SambaSamba Version3.0.17
SambaSamba Version3.0.18
SambaSamba Version3.0.19
SambaSamba Version3.0.20
SambaSamba Version3.0.20 Updatea
SambaSamba Version3.0.20 Updateb
SambaSamba Version3.0.20a
SambaSamba Version3.0.20b
SambaSamba Version3.0.21
SambaSamba Version3.0.21 Updatea
SambaSamba Version3.0.21 Updateb
SambaSamba Version3.0.21 Updatec
SambaSamba Version3.0.21a
SambaSamba Version3.0.21b
SambaSamba Version3.0.21c
SambaSamba Version3.0.22
SambaSamba Version3.0.23
SambaSamba Version3.0.23 Updatea
SambaSamba Version3.0.23 Updateb
SambaSamba Version3.0.23 Updatec
SambaSamba Version3.0.23 Updated
SambaSamba Version3.0.23a
SambaSamba Version3.0.23b
SambaSamba Version3.0.23c
SambaSamba Version3.0.23d
SambaSamba Version3.0.24
SambaSamba Version3.0.25
SambaSamba Version3.0.25 Updatea
SambaSamba Version3.0.25 Updateb
SambaSamba Version3.0.25 Updatec
SambaSamba Version3.0.25 Updatepre1
SambaSamba Version3.0.25 Updatepre2
SambaSamba Version3.0.25 Updaterc1
SambaSamba Version3.0.25 Updaterc2
SambaSamba Version3.0.25 Updaterc3
SambaSamba Version3.0.25a
SambaSamba Version3.0.25b
SambaSamba Version3.0.25c
SambaSamba Version3.0.26
SambaSamba Version3.0.26 Updatea
SambaSamba Version3.0.26a
SambaSamba Version3.0.27
SambaSamba Version3.0.27 Updatea
SambaSamba Version3.0.28
SambaSamba Version3.0.28 Updatea
SambaSamba Version3.0.29
SambaSamba Version3.0.30
SambaSamba Version3.0.31
SambaSamba Version3.0.32
SambaSamba Version3.0.33
SambaSamba Version3.0.34
SambaSamba Version3.0.35
SambaSamba Version3.0.36
SambaSamba Version3.0.37
SambaSamba Version3.1.0
SambaSamba Version3.2.0
SambaSamba Version3.2.1
SambaSamba Version3.2.2
SambaSamba Version3.2.3
SambaSamba Version3.2.4
SambaSamba Version3.2.5
SambaSamba Version3.2.6
SambaSamba Version3.2.7
SambaSamba Version3.2.8
SambaSamba Version3.2.9
SambaSamba Version3.2.10
SambaSamba Version3.2.11
SambaSamba Version3.2.12
SambaSamba Version3.2.13
SambaSamba Version3.2.14
SambaSamba Version3.2.15
SambaSamba Version3.3.0
SambaSamba Version3.3.1
SambaSamba Version3.3.2
SambaSamba Version3.3.3
SambaSamba Version3.3.4
SambaSamba Version3.3.5
SambaSamba Version3.3.6
SambaSamba Version3.3.7
SambaSamba Version3.3.8
SambaSamba Version3.3.9
SambaSamba Version3.3.10
SambaSamba Version3.3.11
SambaSamba Version3.3.12
SambaSamba Version3.3.13
SambaSamba Version3.3.14
SambaSamba Version3.4.0
SambaSamba Version3.4.1
SambaSamba Version3.4.2
SambaSamba Version3.4.3
SambaSamba Version3.4.4
SambaSamba Version3.4.5
SambaSamba Version3.4.6
SambaSamba Version3.4.7
SambaSamba Version3.4.8
SambaSamba Version3.4.9
SambaSamba Version3.4.10
SambaSamba Version3.4.11
SambaSamba Version3.5.0
SambaSamba Version3.5.1
SambaSamba Version3.5.2
SambaSamba Version3.5.3
SambaSamba Version3.5.4
SambaSamba Version3.5.5
SambaSamba Version3.5.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 18.03% 0.947
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.