What is the severity of CVE-2010-1635?

CVE-2010-1635 is classified as a denial of service vulnerability.

How do I fix CVE-2010-1635?

To fix CVE-2010-1635, update Samba to version 3.5.2 or later.

What versions of Samba are affected by CVE-2010-1635?

CVE-2010-1635 affects Samba versions up to and including 3.4.7 and several 3.0.x versions.

Is CVE-2010-1635 remotely exploitable?

Yes, CVE-2010-1635 can be exploited remotely by sending specially crafted requests to the Samba server.

What is the impact of successfully exploiting CVE-2010-1635?

Successful exploitation of CVE-2010-1635 can lead to a denial of service, causing the affected Samba service to crash.

Vulnerability/
CVE-2010-1635

medium

CWE

NVD-CWE-Other 476

12/5/2010

17/6/2010

7/8/2024

CVE-2010-1635: Null Pointer Dereference

First published: Wed May 12 2010(Updated: )

It was reported [1] that two vulnerabilities were found in Samba's smbd that would allow an attacker to trigger a null pointer dereference or an unitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of these issues would result in a denial of service. The upstream bug report [2] has a patch. [1] <a href="http://www.stratsec.net/Research/Advisories/Samba-Multiple-DoS-Vulnerabilities-(SS-2010-005">http://www.stratsec.net/Research/Advisories/Samba-Multiple-DoS-Vulnerabilities-(SS-2010-005</a>) [2] <a href="https://bugzilla.samba.org/show_bug.cgi?id=7254">https://bugzilla.samba.org/show_bug.cgi?id=7254</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Samba	<=3.4.7
Samba	=3.0.0
Samba	=3.0.1
Samba	=3.0.2
Samba	=3.0.2a
Samba	=3.0.3
Samba	=3.0.4
Samba	=3.0.4-rc1
Samba	=3.0.5
Samba	=3.0.6
Samba	=3.0.7
Samba	=3.0.8
Samba	=3.0.9
Samba	=3.0.10
Samba	=3.0.11
Samba	=3.0.12
Samba	=3.0.13
Samba	=3.0.14
Samba	=3.0.14a
Samba	=3.0.15
Samba	=3.0.16
Samba	=3.0.17
Samba	=3.0.18
Samba	=3.0.19
Samba	=3.0.20
Samba	=3.0.20a
Samba	=3.0.20b
Samba	=3.0.21
Samba	=3.0.21a
Samba	=3.0.21b
Samba	=3.0.21c
Samba	=3.0.22
Samba	=3.0.23
Samba	=3.0.23a
Samba	=3.0.23b
Samba	=3.0.23c
Samba	=3.0.23d
Samba	=3.0.24
Samba	=3.0.25
Samba	=3.0.25-pre1
Samba	=3.0.25-pre2
Samba	=3.0.25-rc1
Samba	=3.0.25-rc2
Samba	=3.0.25-rc3
Samba	=3.0.25a
Samba	=3.0.25b
Samba	=3.0.25c
Samba	=3.0.26
Samba	=3.0.26a
Samba	=3.0.27
Samba	=3.0.27a
Samba	=3.0.28
Samba	=3.0.28a
Samba	=3.0.29
Samba	=3.0.30
Samba	=3.0.31
Samba	=3.0.32
Samba	=3.0.33
Samba	=3.0.34
Samba	=3.0.35
Samba	=3.0.36
Samba	=3.0.37
Samba	=3.1.0
Samba	=3.2
Samba	=3.2.0
Samba	=3.2.1
Samba	=3.2.2
Samba	=3.2.3
Samba	=3.2.4
Samba	=3.2.5
Samba	=3.2.6
Samba	=3.2.7
Samba	=3.2.8
Samba	=3.2.9
Samba	=3.2.10
Samba	=3.2.11
Samba	=3.2.12
Samba	=3.2.13
Samba	=3.2.14
Samba	=3.2.15
Samba	=3.3
Samba	=3.3.0
Samba	=3.3.1
Samba	=3.3.2
Samba	=3.3.3
Samba	=3.3.4
Samba	=3.3.5
Samba	=3.3.6
Samba	=3.3.7
Samba	=3.3.8
Samba	=3.3.9
Samba	=3.3.10
Samba	=3.3.11
Samba	=3.4
Samba	=3.4.0
Samba	=3.4.1
Samba	=3.4.2
Samba	=3.4.3
Samba	=3.4.4
Samba	=3.4.5
Samba	=3.4.6
Samba	=3.5
Samba	=3.5.0
Samba	=3.5.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1635?
CVE-2010-1635 is classified as a denial of service vulnerability.
How do I fix CVE-2010-1635?
To fix CVE-2010-1635, update Samba to version 3.5.2 or later.
What versions of Samba are affected by CVE-2010-1635?
CVE-2010-1635 affects Samba versions up to and including 3.4.7 and several 3.0.x versions.
Is CVE-2010-1635 remotely exploitable?
Yes, CVE-2010-1635 can be exploited remotely by sending specially crafted requests to the Samba server.
What is the impact of successfully exploiting CVE-2010-1635?
Successful exploitation of CVE-2010-1635 can lead to a denial of service, causing the affected Samba service to crash.

agent/type
agent/softwarecombine
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-1635
collector/redhat-cve
agent/first-publish-date
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/weakness
agent/author
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/samba
canonical/samba
version/samba/3.4.7
version/samba/3.0.0
version/samba/3.0.1
version/samba/3.0.2
version/samba/3.0.2a
version/samba/3.0.3
version/samba/3.0.4
version/samba/3.0.4-rc1
version/samba/3.0.5
version/samba/3.0.6
version/samba/3.0.7
version/samba/3.0.8
version/samba/3.0.9
version/samba/3.0.10
version/samba/3.0.11
version/samba/3.0.12
version/samba/3.0.13
version/samba/3.0.14
version/samba/3.0.14a
version/samba/3.0.15
version/samba/3.0.16
version/samba/3.0.17
version/samba/3.0.18
version/samba/3.0.19
version/samba/3.0.20
version/samba/3.0.20a
version/samba/3.0.20b
version/samba/3.0.21
version/samba/3.0.21a
version/samba/3.0.21b
version/samba/3.0.21c
version/samba/3.0.22
version/samba/3.0.23
version/samba/3.0.23a
version/samba/3.0.23b
version/samba/3.0.23c
version/samba/3.0.23d
version/samba/3.0.24
version/samba/3.0.25
version/samba/3.0.25-pre1
version/samba/3.0.25-pre2
version/samba/3.0.25-rc1
version/samba/3.0.25-rc2
version/samba/3.0.25-rc3
version/samba/3.0.25a
version/samba/3.0.25b
version/samba/3.0.25c
version/samba/3.0.26
version/samba/3.0.26a
version/samba/3.0.27
version/samba/3.0.27a
version/samba/3.0.28
version/samba/3.0.28a
version/samba/3.0.29
version/samba/3.0.30
version/samba/3.0.31
version/samba/3.0.32
version/samba/3.0.33
version/samba/3.0.34
version/samba/3.0.35
version/samba/3.0.36
version/samba/3.0.37
version/samba/3.1.0
version/samba/3.2
version/samba/3.2.0
version/samba/3.2.1
version/samba/3.2.2
version/samba/3.2.3
version/samba/3.2.4
version/samba/3.2.5
version/samba/3.2.6
version/samba/3.2.7
version/samba/3.2.8
version/samba/3.2.9
version/samba/3.2.10
version/samba/3.2.11
version/samba/3.2.12
version/samba/3.2.13
version/samba/3.2.14
version/samba/3.2.15
version/samba/3.3
version/samba/3.3.0
version/samba/3.3.1
version/samba/3.3.2
version/samba/3.3.3
version/samba/3.3.4
version/samba/3.3.5
version/samba/3.3.6
version/samba/3.3.7
version/samba/3.3.8
version/samba/3.3.9
version/samba/3.3.10
version/samba/3.3.11
version/samba/3.4
version/samba/3.4.0
version/samba/3.4.1
version/samba/3.4.2
version/samba/3.4.3
version/samba/3.4.4
version/samba/3.4.5
version/samba/3.4.6
version/samba/3.5
version/samba/3.5.0
version/samba/3.5.1