Think you have a false positive on this rule?

Sid 1-19007

Message

SERVER-SAMBA Samba SID parsing overflow attempt

Summary

Stack-based buffer overflow in the (1) sidparse and (2) domsid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.

Impact

CVSS base score 7.5 CVSS impact score 6.4 CVSS exploitability score 10.0 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2010-3069:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2010-3069: Stack-based buffer overflow in the (1) sidparse and (2) domsid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.

Affected systems

  • samba samba 1.9.17
  • samba samba 1.9.18
  • samba samba 2.0
  • samba samba 2.0.0
  • samba samba 2.0.1
  • samba samba 2.0.2
  • samba samba 2.0.3
  • samba samba 2.0.4
  • samba samba 2.0.5
  • samba samba 2.0.5a
  • samba samba 2.0.6
  • samba samba 2.0.7
  • samba samba 2.0.8
  • samba samba 2.0.9
  • samba samba 2.0.10
  • samba samba 2.2.0
  • samba samba 2.2.0a
  • samba samba 2.2.1
  • samba samba 2.2.1a
  • samba samba 2.2.2
  • samba samba 2.2.3
  • samba samba 2.2.3a
  • samba samba 2.2.4
  • samba samba 2.2.5
  • samba samba 2.2.6
  • samba samba 2.2.7
  • samba samba 2.2.7a
  • samba samba 2.2.8
  • samba samba 2.2.8a
  • samba samba 2.2.9
  • samba samba 2.2.10
  • samba samba 2.2.11
  • samba samba 2.2.12
  • samba samba 2.2a
  • samba samba 2.18.3
  • samba samba 3.0
  • samba samba 3.0.0
  • samba samba 3.0.1
  • samba samba 3.0.2
  • samba samba 3.0.2a
  • samba samba 3.0.3
  • samba samba 3.0.4
  • samba samba 3.0.5
  • samba samba 3.0.6
  • samba samba 3.0.7
  • samba samba 3.0.8
  • samba samba 3.0.9
  • samba samba 3.0.10
  • samba samba 3.0.11
  • samba samba 3.0.12
  • samba samba 3.0.13
  • samba samba 3.0.14
  • samba samba 3.0.14a
  • samba samba 3.0.15
  • samba samba 3.0.16
  • samba samba 3.0.17
  • samba samba 3.0.18
  • samba samba 3.0.19
  • samba samba 3.0.20
  • samba samba 3.0.20a
  • samba samba 3.0.20b
  • samba samba 3.0.21
  • samba samba 3.0.21a
  • samba samba 3.0.21b
  • samba samba 3.0.21c
  • samba samba 3.0.22
  • samba samba 3.0.23
  • samba samba 3.0.23a
  • samba samba 3.0.23b
  • samba samba 3.0.23c
  • samba samba 3.0.23d
  • samba samba 3.0.24
  • samba samba 3.0.25
  • samba samba 3.0.25a
  • samba samba 3.0.25b
  • samba samba 3.0.25c
  • samba samba 3.0.26
  • samba samba 3.0.26a
  • samba samba 3.0.27
  • samba samba 3.0.27a
  • samba samba 3.0.28
  • samba samba 3.0.28a
  • samba samba 3.0.29
  • samba samba 3.0.30
  • samba samba 3.0.31
  • samba samba 3.0.32
  • samba samba 3.0.33
  • samba samba 3.0.34
  • samba samba 3.0.35
  • samba samba 3.0.36
  • samba samba 3.0.37
  • samba samba 3.1
  • samba samba 3.2
  • samba samba 3.2.0
  • samba samba 3.2.1
  • samba samba 3.2.2
  • samba samba 3.2.3
  • samba samba 3.2.4
  • samba samba 3.2.5
  • samba samba 3.2.6
  • samba samba 3.2.7
  • samba samba 3.2.8
  • samba samba 3.2.9
  • samba samba 3.2.10
  • samba samba 3.2.11
  • samba samba 3.2.12
  • samba samba 3.2.13
  • samba samba 3.2.14
  • samba samba 3.2.15
  • samba samba 3.3
  • samba samba 3.3.0
  • samba samba 3.3.1
  • samba samba 3.3.2
  • samba samba 3.3.3
  • samba samba 3.3.4
  • samba samba 3.3.5
  • samba samba 3.3.6
  • samba samba 3.3.7
  • samba samba 3.3.8
  • samba samba 3.3.9
  • samba samba 3.3.10
  • samba samba 3.3.11
  • samba samba 3.3.12
  • samba samba 3.4
  • samba samba 3.4.0
  • samba samba 3.4.1
  • samba samba 3.4.2
  • samba samba 3.4.3
  • samba samba 3.4.4
  • samba samba 3.4.5
  • samba samba 3.4.6
  • samba samba 3.4.7
  • samba samba 3.5
  • samba samba 3.5.0
  • samba samba 3.5.1
  • samba samba 3.5.2
  • samba samba 3.5.3
  • samba samba 3.5.4

Ease of attack

CVE-2010-3069:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References