CVE-2014-3493: Buffer Overflow
First published: Thu Jun 12 2014(Updated: )
It was discovered that smbd, the Samba file server deamon, did not properly handle certain valid on-disk unicode path names if an authenticated client tries to read them via a non-unicode request. In case the push_ascii() function encounters an error, e.g. a conversion failure, its error return value may incorrectly be used as a pointer in subsequent memory writes, leading to a crash or possible memory corruption. Acknowledgments: Red Hat would like to thank the Samba project for reporting this issue. The Samba project acknowledges Simon Arlott as the original reporter.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Samba | =3.6.0 | |
| Samba Samba | =3.6.1 | |
| Samba Samba | =3.6.2 | |
| Samba Samba | =3.6.3 | |
| Samba Samba | =3.6.4 | |
| Samba Samba | =3.6.5 | |
| Samba Samba | =3.6.6 | |
| Samba Samba | =3.6.7 | |
| Samba Samba | =3.6.8 | |
| Samba Samba | =3.6.9 | |
| Samba Samba | =3.6.10 | |
| Samba Samba | =3.6.11 | |
| Samba Samba | =3.6.12 | |
| Samba Samba | =3.6.13 | |
| Samba Samba | =3.6.14 | |
| Samba Samba | =3.6.15 | |
| Samba Samba | =3.6.16 | |
| Samba Samba | =3.6.17 | |
| Samba Samba | =3.6.18 | |
| Samba Samba | =3.6.19 | |
| Samba Samba | =3.6.20 | |
| Samba Samba | =3.6.21 | |
| Samba Samba | =3.6.22 | |
| Samba Samba | =3.6.23 | |
| Samba Samba | =4.1.0 | |
| Samba Samba | =4.1.1 | |
| Samba Samba | =4.1.2 | |
| Samba Samba | =4.1.3 | |
| Samba Samba | =4.1.4 | |
| Samba Samba | =4.1.5 | |
| Samba Samba | =4.1.6 | |
| Samba Samba | =4.1.7 | |
| Samba Samba | =4.1.8 | |
| Samba Samba | =4.0.0 | |
| Samba Samba | =4.0.1 | |
| Samba Samba | =4.0.2 | |
| Samba Samba | =4.0.3 | |
| Samba Samba | =4.0.4 | |
| Samba Samba | =4.0.5 | |
| Samba Samba | =4.0.6 | |
| Samba Samba | =4.0.7 | |
| Samba Samba | =4.0.8 | |
| Samba Samba | =4.0.9 | |
| Samba Samba | =4.0.10 | |
| Samba Samba | =4.0.11 | |
| Samba Samba | =4.0.12 | |
| Samba Samba | =4.0.13 | |
| Samba Samba | =4.0.14 | |
| Samba Samba | =4.0.15 | |
| Samba Samba | =4.0.16 | |
| Samba Samba | =4.0.17 | |
| Samba Samba | =4.0.18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://advisories.mageia.org/MGASA-2014-0279.html
- http://linux.oracle.com/errata/ELSA-2014-0866.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html
- http://rhn.redhat.com/errata/RHSA-2014-0866.html
- http://secunia.com/advisories/59378
- http://secunia.com/advisories/59407
- http://secunia.com/advisories/59433
- http://secunia.com/advisories/59579
- http://secunia.com/advisories/59834
- http://secunia.com/advisories/59848
- http://secunia.com/advisories/59919
- http://secunia.com/advisories/61218
- http://security.gentoo.org/glsa/glsa-201502-15.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:136
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
- http://www.samba.org/samba/security/CVE-2014-3493
- http://www.securityfocus.com/archive/1/532757/100/0/threaded
- http://www.securityfocus.com/bid/68150
- http://www.securitytracker.com/id/1030455
- https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1
- https://bugzilla.redhat.com/show_bug.cgi?id=1108748
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1112251
- https://rhn.redhat.com/errata/RHSA-2014-0867.html
- https://rhn.redhat.com/errata/RHSA-2014-0866.html
- https://rhn.redhat.com/errata/RHSA-2014-1009.html
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-3493
- agent/author
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- agent/trending
- vendor/samba
- canonical/samba samba
- version/samba samba/3.6.0
- version/samba samba/3.6.1
- version/samba samba/3.6.2
- version/samba samba/3.6.3
- version/samba samba/3.6.4
- version/samba samba/3.6.5
- version/samba samba/3.6.6
- version/samba samba/3.6.7
- version/samba samba/3.6.8
- version/samba samba/3.6.9
- version/samba samba/3.6.10
- version/samba samba/3.6.11
- version/samba samba/3.6.12
- version/samba samba/3.6.13
- version/samba samba/3.6.14
- version/samba samba/3.6.15
- version/samba samba/3.6.16
- version/samba samba/3.6.17
- version/samba samba/3.6.18
- version/samba samba/3.6.19
- version/samba samba/3.6.20
- version/samba samba/3.6.21
- version/samba samba/3.6.22
- version/samba samba/3.6.23
- version/samba samba/4.1.0
- version/samba samba/4.1.1
- version/samba samba/4.1.2
- version/samba samba/4.1.3
- version/samba samba/4.1.4
- version/samba samba/4.1.5
- version/samba samba/4.1.6
- version/samba samba/4.1.7
- version/samba samba/4.1.8
- version/samba samba/4.0.0
- version/samba samba/4.0.1
- version/samba samba/4.0.2
- version/samba samba/4.0.3
- version/samba samba/4.0.4
- version/samba samba/4.0.5
- version/samba samba/4.0.6
- version/samba samba/4.0.7
- version/samba samba/4.0.8
- version/samba samba/4.0.9
- version/samba samba/4.0.10
- version/samba samba/4.0.11
- version/samba samba/4.0.12
- version/samba samba/4.0.13
- version/samba samba/4.0.14
- version/samba samba/4.0.15
- version/samba samba/4.0.16
- version/samba samba/4.0.17
- version/samba samba/4.0.18