Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.9
CVE Id CVE-2012-0870
Last Modified 18 Dec 2012 11:49:44
Published 23 Feb 2012 07:33:55
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0870

Summary

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

Vulnerable Systems

Operating System

  • Rim Blackberry Playbook Os 1.0

  • Rim Blackberry Playbook Os 1.0.3

  • Rim Blackberry Playbook Os 1.0.5

  • Rim Blackberry Playbook Os 1.0.6

  • Rim Blackberry Playbook Os 1.0.7

  • Rim Blackberry Playbook Os 1.0.7.2942

  • Rim Blackberry Playbook Os 1.0.7.3312

  • Rim Blackberry Playbook Os 1.0.8.4985

  • Rim Blackberry Playbook Os 1.0.8.6067

  • Rim Blackberry Playbook Os 2.0

Application

  • Samba 3.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=795509

CONFIRM - http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565

XF - blackberry-playbook-samba-code-execution(73361)

UBUNTU - USN-1374-1

SECUNIA - 48186

SECUNIA - 48116

CONFIRM - http://support.apple.com/kb/HT5281

APPLE - APPLE-SA-2012-05-09-1

SECUNIA - 48879

SECUNIA - 48844

Related Patches

SUN114684-19 Solaris 9 SPARC: Samba Patch

Apple 2012-05-09 Security Update 2012-002 Server (Snow Leopard)

Apple 2012-05-09 Security Update 2012-002 (Snow Leopard)

Red Hat 2012:0332-01 RHSA Critical: samba security update for RHEL 4 x86

Red Hat 2012:0332-01 RHSA Critical: samba security update for RHEL 5 x86

Red Hat 2012:0332-01 RHSA Critical: samba security update for RHEL 5 x86_64

Red Hat 2012:0332-01 RHSA Critical: samba security update for RHEL 4 x86_64

Novell SUSE 2012:6120 ldapsmb security update for SLE 11 SP2 x86_64

Novell SUSE 2012:6120 ldapsmb security update for SLE 11 SP2 i586

Novell SUSE 2012:6145 ldapsmb security update for SLE 11 SP2 i586

Novell SUSE 2012:6145 ldapsmb security update for SLE 11 SP2 x86_64

Novell SUSE 2012:7985 cifs-mount security update for SLE 10 SP4 i586

Novell SUSE 2012:7985 cifs-mount security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:58:18