Security Advisory

CVE-2010-1642

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-06-17 16:00:00

Last updated 2024-08-07 01:28:42

Assigner redhat

State PUBLISHED

Description

The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a xffxff security blob length in a Session Setup AndX request.

← Browse all CVEs View on cve.org ↗