CVE - CVE-2011-0719

CVE-ID
CVE-2011-0719	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://samba.org/samba/security/CVE-2011-0719.html CONFIRM:http://www.samba.org/samba/history/samba-3.3.15.html CONFIRM:http://www.samba.org/samba/history/samba-3.4.12.html CONFIRM:http://www.samba.org/samba/history/samba-3.5.7.html CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=678328 CONFIRM:http://support.apple.com/kb/HT4723 APPLE:APPLE-SA-2011-06-23-1 URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html DEBIAN:DSA-2175 URL:http://www.debian.org/security/2011/dsa-2175 FEDORA:FEDORA-2011-3118 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056241.html FEDORA:FEDORA-2011-3120 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056229.html HP:HPSBUX02657 URL:http://marc.info/?l=bugtraq&m=130835366526620&w=2 HP:SSRT100460 URL:http://marc.info/?l=bugtraq&m=130835366526620&w=2 MANDRIVA:MDVSA-2011:038 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2011:038 REDHAT:RHSA-2011:0305 URL:http://www.redhat.com/support/errata/RHSA-2011-0305.html REDHAT:RHSA-2011:0306 URL:http://www.redhat.com/support/errata/RHSA-2011-0306.html SLACKWARE:SSA:2011-059-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593629 UBUNTU:USN-1075-1 URL:http://www.ubuntu.com/usn/USN-1075-1 BID:46597 URL:http://www.securityfocus.com/bid/46597 SECTRACK:1025132 URL:http://www.securitytracker.com/id?1025132 SECUNIA:43512 URL:http://secunia.com/advisories/43512 SECUNIA:43482 URL:http://secunia.com/advisories/43482 SECUNIA:43503 URL:http://secunia.com/advisories/43503 SECUNIA:43517 URL:http://secunia.com/advisories/43517 SECUNIA:43556 URL:http://secunia.com/advisories/43556 SECUNIA:43557 URL:http://secunia.com/advisories/43557 SECUNIA:43843 URL:http://secunia.com/advisories/43843 VUPEN:ADV-2011-0517 URL:http://www.vupen.com/english/advisories/2011/0517 VUPEN:ADV-2011-0518 URL:http://www.vupen.com/english/advisories/2011/0518 VUPEN:ADV-2011-0519 URL:http://www.vupen.com/english/advisories/2011/0519 VUPEN:ADV-2011-0520 URL:http://www.vupen.com/english/advisories/2011/0520 VUPEN:ADV-2011-0522 URL:http://www.vupen.com/english/advisories/2011/0522 VUPEN:ADV-2011-0541 URL:http://www.vupen.com/english/advisories/2011/0541 VUPEN:ADV-2011-0702 URL:http://www.vupen.com/english/advisories/2011/0702 XF:samba-fdset-dos(65724) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/65724
Assigning CNA
N/A
Date Entry Created
20110131	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110131)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation. For more information, please contact us.