CVE-2010-2063

Publication date 16 June 2010

Last updated 24 July 2024

Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
samba	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	9.04 jaunty	Fixed 2:3.3.2-1ubuntu3.5
	8.04 LTS hardy	Fixed 3.0.28a-1ubuntu4.12
	6.06 LTS dapper	Fixed 3.0.22-1ubuntu3.12

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-951-1
Samba vulnerability
16 June 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-2063