Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Samba < 3.4.0 Remote Code Execution Vulnerability (CVE-2012-0870)
Information
Severity
Severity
High
Family
Family
General
CVSSv2 Base
CVSSv2 Base
7.9
CVSSv2 Vector
CVSSv2 Vector
AV:A/AC:M/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
2 years ago
Modified
Modified
2 years ago
Summary
Ensure AndX offsets are increasing strictly monotonically in pre-3.4 versions.
Insight
Insight
Samba versions up to 3.4.0 do not ensure that AndX offsets of the smb daemon (smbd) are increasing strictly monotonically. Therefore a remote code execution vulnerability exists in the smbd service. A remote attacker could use the vulnerability to launch an exploit over a network connection.
Affected Software
Affected Software
Samba versions prior to 3.4.0.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Apply the patch mentioned in the linked reference.