CVE-2010-3069
samba - buffer overflow
EPSS 15.2%
Description
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
How to fix CVE-2010-3069
To remediate CVE-2010-3069, upgrade the affected package to a fixed version below.
- Debian/samba—upgrade to 2:3.5.5~dfsg-1 or later
- Debian/samba—upgrade to 2:3.2.5-4lenny13 or later
Is CVE-2010-3069 being exploited?
Moderate — EPSS is 15.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 2:3.5.5~dfsg-1
- from 0, < 2:3.2.5-4lenny13