CVE-2011-0719

EPSS 10.3%

samba - missing input sanisiting

Published: 3/1/2011Modified: 4/28/2026

Description

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.

Affected packages (2)

Debian/sambafrom 0, < 2:3.5.7~dfsg-1
Debian/sambafrom 0, < 2:3.2.5-4lenny14

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-0719