Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-1642

The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.

Related bugs and status

CVE-2010-1642 (Candidate) is related to these bugs:

Bug #932239: Multiple Samba security vulnerabilities

Summary				In	Importance	Status
	932239	Multiple Samba security vulnerabilities		samba (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.vupen.com/e...
MISC: http://www.mandriva.co...
MISC: https://bugzilla.redha...
MISC: http://git.samba.org/?...
MISC: http://samba.org/samba...
MISC: http://samba.org/samba...
MISC: http://security-tracke...
MISC: http://www.stratsec.ne...
MISC: https://bugzilla.samba...