Description
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2010-1663 | The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request. |
References
History
Wed, 28 May 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
Thu, 22 May 2025 04:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T01:28:42.967Z
Reserved: 2010-04-29T00:00:00.000Z
Link: CVE-2010-1642
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-06-17T16:30:01.873
Modified: 2026-04-29T01:13:23.040
Link: CVE-2010-1642
Redhat
OpenCVE Enrichment
No data.
Weaknesses