CVE-2010-0547
samba - several vulnerabilities
EPSS 2.0%
Description
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
How to fix CVE-2010-0547
To remediate CVE-2010-0547, upgrade the affected package to one of the fixed versions listed below.
- Debian/samba: upgrade to 2:3.4.5~dfsg-2 or later
- Debian/samba: upgrade to 2:3.2.5-4lenny9 or later
Is CVE-2010-0547 being exploited?
Low — EPSS is 2.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/samba: from 0, < 2:3.4.5~dfsg-2
- Debian/samba: from 0, < 2:3.2.5-4lenny9