Vulnerabilities > CVE-2009-3297
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN nessus
Summary
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0787, CVE-2010-0788, CVE-2010-0789. Reason: this candidate was intended for one issue in Samba, but it was used for multiple distinct issues, including one in FUSE and one in ncpfs. Notes: All CVE users should consult CVE-2010-0787 (Samba), CVE-2010-0788 (ncpfs), and CVE-2010-0789 (FUSE) to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2010-1190.NASL description - Tue Jan 26 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-0.47 - Security Release, fixes CVE-2009-3297 - resolves: #532940 - Tue Jan 19 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-0.46 - Update to 3.4.5 - Thu Jan 7 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.4-0.45 - Update to 3.4.4 - Thu Oct 29 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-0.44 - Update to 3.4.3 - Wed Oct 7 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.2-0.43 - Fix required talloc version - resolves: #527806 - Thu Oct 1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.2-0.42 - Update to 3.4.2 - Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906 - Wed Sep 9 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.1.0-41 - Update to 3.4.1 - Fri Jul 17 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.0-0.40 - Fix Bug #6551 (vuid and tid not set in sessionsetupX and tconX) - Specify required talloc and tdb version for BuildRequires - Wed Jul 15 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.0-0.39 - Update to 3.4.0 - resolves: #510558 - Fri Jun 19 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.5-0.38 - Fix password expiry calculation in pam_winbind - Tue Jun 16 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.5-0.37 - Update to 3.3.5 - Wed Apr 29 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.4-0.36 - Update to 3.3.4 - Mon Apr 20 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.3-0.35 - Enable build of idmap_tdb2 for clustered setups - Wed Apr 1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.3-0.34 - Update to 3.3.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47239 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47239 title Fedora 11 : samba-3.4.5-0.47.fc11 (2010-1190) NASL family SuSE Local Security Checks NASL id SUSE_11_1_FUSE-100203.NASL description A race condition in fusermount allowed users to umount any filesystem (CVE-2009-3297). last seen 2020-06-01 modified 2020-06-02 plugin id 44611 published 2010-02-15 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44611 title openSUSE Security Update : fuse (fuse-1897) NASL family SuSE Local Security Checks NASL id SUSE_11_0_FUSE-100203.NASL description A race condition in fusermount allowed users to umount any filesystem (CVE-2009-3297). last seen 2020-06-01 modified 2020-06-02 plugin id 44606 published 2010-02-15 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44606 title openSUSE Security Update : fuse (fuse-1897) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1159.NASL description Fixed CVE-2009-3297 (rhbz #558833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47236 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47236 title Fedora 12 : fuse-2.8.1-4.fc12 (2010-1159) NASL family SuSE Local Security Checks NASL id SUSE_11_FUSE-100126.NASL description A race condition in fusermount allowed users to umount any filesystem (CVE-2009-3297). This has been fixed. last seen 2020-06-01 modified 2020-06-02 plugin id 44389 published 2010-02-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44389 title SuSE 11 Security Update : fuse (SAT Patch Number 1867) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2004.NASL description Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3297 Ronald Volgers discovered that a race condition in mount.cifs allows local users to mount remote filesystems over arbitrary mount points. - CVE-2010-0547 Jeff Layton discovered that missing input sanitising in mount.cifs allows denial of service by corrupting /etc/mtab. last seen 2020-06-01 modified 2020-06-02 plugin id 44950 published 2010-03-02 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44950 title Debian DSA-2004-1 : samba - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2010-1140.NASL description Fixed CVE-2009-3297 (rhbz #558833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47233 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47233 title Fedora 11 : fuse-2.8.1-2.fc11 (2010-1140) NASL family Fedora Local Security Checks NASL id FEDORA_2010-14678.NASL description - Thu Sep 9 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.9-60 - Security Release, fixes CVE-2010-3069 - resolves: #630869 - Wed May 12 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.8-59 - Update to 3.4.8 - Make sure nmb and smb initscripts return LSB compliant return codes - resolves: #521095 - Mon Mar 8 2010 Simo Sorce <ssorce at redhat.com> - 3.4.7-58 - Security update to 3.4.7 - Fixes CVE-2010-0728 - Wed Feb 24 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.6-57 - Update to 3.4.6 - Wed Feb 17 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-56 - Fix crash in cifs.upcall - resolves: #565446 - Tue Jan 26 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-55 - Security Release, fixes CVE-2009-3297 - resolves: #532940 - Tue Jan 26 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-54 - Fix crash in pdbedit - resolves: #541267 - Tue Jan 19 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-53 - Update to 3.4.5 - Thu Jan 14 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.4-52 - Fix crash bug in libsmbclient (SMBC_parse_path) - resolves: #552658 - Thu Jan 7 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.4-51 - Update to 3.4.4 - Tue Dec 1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-50 - Fix uninitialized rpc client pipe, causing winbind to crash - resolves: #541328 - Wed Nov 25 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-49 - Various updates to inline documentation in default smb.conf file - resolves: #483703 - Thu Oct 29 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-48 - Update to 3.4.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 49248 published 2010-09-16 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49248 title Fedora 12 : samba-3.4.9-60.fc12 (2010-14678) NASL family SuSE Local Security Checks NASL id SUSE_FUSE-6840.NASL description A race condition in fusermount allows non-privileged users to umount any file system. (CVE-2009-3297) last seen 2020-06-01 modified 2020-06-02 plugin id 51741 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51741 title SuSE 10 Security Update : fuse (ZYPP Patch Number 6840) NASL family SuSE Local Security Checks NASL id SUSE_11_2_FUSE-100203.NASL description A race condition in fusermount allowed users to umount any filesystem (CVE-2009-3297). last seen 2020-06-01 modified 2020-06-02 plugin id 44616 published 2010-02-15 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44616 title openSUSE Security Update : fuse (fuse-1897) NASL family SuSE Local Security Checks NASL id SUSE_FUSE-6838.NASL description A race condition in fusermount allows non-privileged users to umount any file system. (CVE-2009-3297) last seen 2020-06-01 modified 2020-06-02 plugin id 51740 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51740 title SuSE 10 Security Update : fuse (ZYPP Patch Number 6838) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1218.NASL description - Tue Jan 26 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-55 - Security Release, fixes CVE-2009-3297 - resolves: #532940 - Tue Jan 26 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-54 - Fix crash in pdbedit - resolves: #541267 - Tue Jan 19 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.5-53 - Update to 3.4.5 - Thu Jan 14 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.4-52 - Fix crash bug in libsmbclient (SMBC_parse_path) - resolves: #552658 - Thu Jan 7 2010 Guenther Deschner <gdeschner at redhat.com> - 3.4.4-51 - Update to 3.4.4 - Tue Dec 1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-50 - Fix uninitialized rpc client pipe, causing winbind to crash - resolves: #541328 - Wed Nov 25 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-49 - Various updates to inline documentation in default smb.conf file - resolves: #483703 - Thu Oct 29 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.3-48 - Update to 3.4.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47241 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47241 title Fedora 12 : samba-3.4.5-55.fc12 (2010-1218)
Seebug
bulletinFamily | exploit |
description | Bugraq ID: 37992 CVE ID:CVE-2009-3297 mount.cifs是Samba应用程序包含的工具。mount.cifs程序允许用户通过不同的方式传送凭据文件的名称或包含有口令的文件。 mount.cifs存在竞争条件问题,本地攻击者可以利用漏洞提升特权。 建立一个路径不包含符号链接的tmp目录,使用mount.cifs开始加载攻击者所控制的共享,但当密码对话框提示时把它转到到后台,使用符号链接把 temp目录链接到/etc/pam.d,然后再把mount.cifs切换到前台,输入密码,按回车,此时攻击者的共享加载在/etc/pam.d中,导致特权提升。 Samba Samba 3.4.5 Samba Samba 3.4.2 Samba Samba 3.4.1 Samba Samba 3.3.8 Samba Samba 3.3.7 Samba Samba 3.3.6 Samba Samba 3.3.5 Samba Samba 3.2.15 Samba Samba 3.2.14 Samba Samba 3.2.13 Samba Samba 3.2.12 Samba Samba 3.2.5 Samba Samba 3.2.4 Samba Samba 3.2.3 Samba Samba 3.2.2 Samba Samba 3.2.1 Samba Samba 3.2 Samba Samba 3.0.37 Samba Samba 3.0.36 Samba Samba 3.0.35 Samba Samba 3.0.34 Samba Samba 3.0.33 Samba Samba 3.0.32 Samba Samba 3.0.30 Samba Samba 3.0.29 Samba Samba 3.0.29 Samba Samba 3.0.28 a Samba Samba 3.0.28 Samba Samba 3.0.27 Samba Samba 3.0.26 Samba Samba 3.0.25 rc3 Samba Samba 3.0.25 rc2 Samba Samba 3.0.25 rc1 Samba Samba 3.0.25 pre2 Samba Samba 3.0.25 pre1 Samba Samba 3.0.25 c Samba Samba 3.0.25 b Samba Samba 3.0.25 a Samba Samba 3.0.25 Samba Samba 3.0.24 Samba Samba 3.0.22 Samba Samba 3.0.21 Samba Samba 3.0.20 Samba Samba 3.0.14 Samba Samba 3.0.13 Samba Samba 3.0.12 Samba Samba 3.0.11 Samba Samba 3.0.10 Samba Samba 3.0.9 Samba Samba 3.0.8 Samba Samba 3.0.7 Samba Samba 3.0.6 Samba Samba 3.0.5 Samba Samba 3.0.4 -r1 Samba Samba 3.0.4 Samba Samba 3.0.3 Samba Samba 3.0.2 a Samba Samba 3.0.2 Samba Samba 3.0.1 Samba Samba 3.0 alpha Samba Samba 3.0 Samba Samba 3.0.27a Samba Samba 3.0.27 Samba Samba 3.0.26a Samba Samba 3.0.23d Samba Samba 3.0.23c Samba Samba 3.0.23b Samba Samba 3.0.23a Samba Samba 3.0.21c Samba Samba 3.0.21b Samba Samba 3.0.21a Samba Samba 3.0.20b Samba Samba 3.0.20a Samba Samba 3.0.14a 用户可联系供应商获得最新程序: http://www.samba.org/ |
id | SSV:19045 |
last seen | 2017-11-19 |
modified | 2010-02-02 |
published | 2010-02-02 |
reporter | Root |
title | Samba 'mount.cifs'本地特权提升漏洞 |