CVE-2010-0787

Publication date 2 March 2010

Last updated 24 July 2024

Ubuntu priority

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
samba	9.10 karmic	Fixed 2:3.4.0-3ubuntu5.4
	9.04 jaunty	Fixed 2:3.3.2-1ubuntu3.3
	8.10 intrepid	Fixed 2:3.2.3-1ubuntu3.7
	8.04 LTS hardy	Fixed 3.0.28a-1ubuntu4.10
	6.06 LTS dapper	Fixed 3.0.22-1ubuntu3.10

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-893-1
Samba vulnerability
28 January 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-0787