Lucene search

K
debianDebianDEBIAN:DLA-156-1:7AF41
HistoryFeb 23, 2015 - 5:00 p.m.

[SECURITY] [DLA 156-1] samba security update

2015-02-2317:00:59
lists.debian.org
20

9.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

Package : samba
Version : 2:3.5.6~dfsg-3squeeze12
CVE ID : CVE-2015-0240
Debian Bug : 779033

Richard van Eeden of Microsoft Vulnerability Research discovered that
Samba, a SMB/CIFS file, print, and login server for Unix, contains a
flaw in the netlogon server code which allows remote code execution with
root privileges from an unauthenticated connection.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2:3.5.6~dfsg-3squeeze12.

For the stable distribution (wheezy), this problem has been fixed in
version 2:3.6.6-6+deb7u5.

We recommend that you upgrade your samba packages.

RaphaΓ«l Hertzog β—ˆ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

9.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%