I have found the following information on CVE-2010-1635 and CVE-2010-1642. I am going to open a bug on CVE-2010-2063 and CVE-2010-3069 for more information:
CVE-2010-1642 & CVE-2010-1635
===================================
1. Audit ID: 18463
2. Category: CAT II
3. Reference: CVE-2010-1635,CVE-2010-1642
4. Description Samba contains multiple vulnerabilities when handling crafted Negotiate
Protocol and Session Setup AndX requests. Successful exploitation may
result in denial-of-service conditions (process crash).
5. Status: Open
6. Explanation: Upgrade Samba to version 3.5.2, 3.4.8, or newer.
7. Resolution: Not Applicable. The version of Samba in the DD operating system uses a different mechanism for CIFS request/response buffers. Because of this, Samba security vulnerability CVE-2010-1635 doesn't apply to DDOS.
Further, EMC Data Domain Engineering has verified that CVE-2010-1642 remediation has been included in DDOS 5.1.4.0-343209, 5.2.2.0-347573, 5.3.0.0-342406, 5.4.0.0-347751.
EDIT: I found the following already in our bugzilla database:
CVE-2010-3069
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows
Security ID (SID) on a file share.
RESPONSE: Fixed in DDOS 5.1.x.x which uses a slightly older version of Samba (3.0.35), which has had the 3.3.x patch hand merged into the code to resolve the vulnerability; internal engineering reference 47832.
CVE-2010-2063
1. Audit ID: 13121
2. Category: CAT I
3. Reference: CVE-2010-2063
4. Description: Samba contains a vulnerability when handling specially crafted SMB1 chained packets. Successful exploitation could allow remote unauthenticated attackers to corrupt system memory in such a way that could be leveraged to execute arbitrary code or cause the daemon to crash. Note: This audit may report false
findings on systems running backported versions of Samba.
5. Status: Open
6. Explanation: Upgrade Samba to version 3.3.13 or newer; or install updated packages from appropriate vendor.
7. Resolution: False Finding. EMC Engineering has reviewed and determined Samba was updated and this vulnerability was completely remediated in DD OS version 5.0.
PatrickBetts
1 Rookie
•
116 Posts
1
May 7th, 2014 06:00
NotAStorageGuy,
I have found the following information on CVE-2010-1635 and CVE-2010-1642. I am going to open a bug on CVE-2010-2063 and CVE-2010-3069 for more information:
CVE-2010-1642 & CVE-2010-1635
===================================
1. Audit ID: 18463
2. Category: CAT II
3. Reference: CVE-2010-1635,CVE-2010-1642
4. Description Samba contains multiple vulnerabilities when handling crafted Negotiate
Protocol and Session Setup AndX requests. Successful exploitation may
result in denial-of-service conditions (process crash).
5. Status: Open
6. Explanation: Upgrade Samba to version 3.5.2, 3.4.8, or newer.
7. Resolution: Not Applicable. The version of Samba in the DD operating system uses a different mechanism for CIFS request/response buffers. Because of this, Samba security vulnerability CVE-2010-1635 doesn't apply to DDOS.
Further, EMC Data Domain Engineering has verified that CVE-2010-1642 remediation has been included in DDOS 5.1.4.0-343209, 5.2.2.0-347573, 5.3.0.0-342406, 5.4.0.0-347751.
EDIT: I found the following already in our bugzilla database:
CVE-2010-3069
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows
Security ID (SID) on a file share.
RESPONSE: Fixed in DDOS 5.1.x.x which uses a slightly older version of Samba (3.0.35), which has had the 3.3.x patch hand merged into the code to resolve the vulnerability; internal engineering reference 47832.
CVE-2010-2063
1. Audit ID: 13121
2. Category: CAT I
3. Reference: CVE-2010-2063
4. Description: Samba contains a vulnerability when handling specially crafted SMB1 chained packets. Successful exploitation could allow remote unauthenticated attackers to corrupt system memory in such a way that could be leveraged to execute arbitrary code or cause the daemon to crash. Note: This audit may report false
findings on systems running backported versions of Samba.
5. Status: Open
6. Explanation: Upgrade Samba to version 3.3.13 or newer; or install updated packages from appropriate vendor.
7. Resolution: False Finding. EMC Engineering has reviewed and determined Samba was updated and this vulnerability was completely remediated in DD OS version 5.0.
NotAStorageGuy
2 Posts
0
May 8th, 2014 08:00
Thanks for the detailed responses. I have opened a "False Positive" report with our scanning vendor.