The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. (CVE-2015-0240)
Impact
None. F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.6.0
big-ip analyticseq11.0.0
big-ip analyticseq11.1.0
big-ip analyticseq11.2.0

Name	Operator	Version
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.6.0
big-ip analytics	eq	11.0.0
big-ip analytics	eq	11.1.0
big-ip analytics	eq	11.2.0

Rows per page:

1-10 of 1951

securityvulns 1

altlinux 4

cisa 1

suse 7

debiancve 1

nessus 38

openvas 31

freebsd 1

centos 4

f5 1

oraclelinux 5

redhat 9

slackware 1

debian 3

seebug 1

prion 1

veracode 1

ubuntu 1

samba 1

nvd 1

zdt 1

archlinux 1

cve 1

ibm 2

checkpoint_advisories 1

lenovo 2

osv 2

thn 1

myhack58 1

mageia 1

cvelist 1

ubuntucve 1

exploitpack 1

metasploit 1

fedora 2

exploitdb 1

gentoo 1

kitploit 1

securityvulns

Samba memory corruption

2015-02-23 00:00:00

altlinux

Security fix for the ALT Linux 8 package samba-DC version 4.1.17-alt1

2015-02-23 00:00:00

Security fix for the ALT Linux 6 package samba version 3.5.22-alt0.M60P.1

2015-02-24 00:00:00

Security fix for the ALT Linux 8 package samba version 4.1.17-alt1

2015-02-23 00:00:00

cisa

Samba Remote Code Execution Vulnerability

2015-02-24 00:00:00

suse

Security update for samba (important)

2015-02-23 16:05:05

Security update for Samba (important)

2015-02-25 08:09:00

Security update for Samba (important)

2015-02-27 11:04:55

debiancve

CVE-2015-0240

2015-02-24 01:59:00

nessus

Oracle Linux 7 : samba (ELSA-2015-0252)

2015-02-24 00:00:00

Fedora 21 : samba-4.1.17-1.fc21 (2015-2538)

2015-02-26 00:00:00

RHEL 6 : samba4 (RHSA-2015:0255)

2015-02-24 00:00:00

openvas

CentOS Update for samba4 CESA-2015:0250 centos6

2015-02-25 00:00:00

CentOS Update for libsmbclient CESA-2015:0251 centos6

2015-02-25 00:00:00

Debian: Security Advisory (DSA-3171-1)

2015-02-22 00:00:00

freebsd

samba -- Unexpected code execution in smbd

2015-02-23 00:00:00

centos

samba4 security update

2015-02-23 14:24:03

samba3x security update

2015-02-23 14:18:15

libsmbclient, libwbclient, samba security update

2015-02-23 14:35:15

SOL16350 - Samba vulnerability CVE-2015-0240

2015-04-02 00:00:00

oraclelinux

samba4 security update

2015-02-23 00:00:00

samba security update

2015-02-23 00:00:00

samba3x security update

2015-02-23 00:00:00

redhat

(RHSA-2015:0257) Critical: samba security update

2015-02-23 00:00:00

(RHSA-2015:0252) Important: samba security update

2015-02-23 00:00:00

(RHSA-2015:0251) Critical: samba security update

2015-02-23 00:00:00

slackware

[slackware-security] samba

2015-03-05 22:49:31

debian

[SECURITY] [DSA 3171-1] samba security update

2015-02-23 11:48:45

[SECURITY] [DSA 3171-1] samba security update

2015-02-23 11:48:45

[SECURITY] [DLA 156-1] samba security update

2015-02-23 17:00:59

seebug

Samba NetLogon未初始化指针漏洞（CVE-2015-0240）

2015-11-13 00:00:00

prion

Null pointer dereference

2015-02-24 01:59:00

veracode

Arbitrary Code Execution

2019-01-15 09:04:32

ubuntu

Samba vulnerability

2015-02-23 00:00:00

samba

Unexpected code execution in smbd.

2015-02-23 00:00:00

nvd

CVE-2015-0240

2015-02-24 01:59:00

zdt

Samba < 3.6.2 x86 - PoC

2015-04-15 00:00:00

archlinux

samba: arbitrary code execution

2015-02-23 00:00:00

cve

CVE-2015-0240

2015-02-24 01:59:00

ibm

Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2015-0240)

2018-06-18 00:09:17

Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2015-0240)

2018-06-18 00:09:22

checkpoint_advisories

Samba smbd ServerPasswordSet RPC Memory Corruption (CVE-2015-0240)

2015-03-03 00:00:00

lenovo

Samba Remote Code Execution Vulnerability - Lenovo Support US

2017-01-23 00:00:00

Samba Remote Code Execution Vulnerability

2017-01-23 00:00:00

osv

samba - security update

2015-02-23 00:00:00

samba - security update

2015-02-23 00:00:00

thn

Samba Service Hit By Remote Code Execution Vulnerability

2015-02-24 00:10:00

myhack58

Samba CVE-2 0 1 5-0 2 4 0 remote code execution exploit practice-vulnerability warning-the black bar safety net

2015-04-14 00:00:00

mageia

Updated samba packages fix CVE-2015-0240

2015-02-25 00:20:13

cvelist

CVE-2015-0240

2015-02-24 01:00:00

ubuntucve

CVE-2015-0240

2015-02-23 00:00:00

exploitpack

Samba 3.6.2 (x86) - Denial of Service (PoC)

2015-04-13 00:00:00

metasploit

Samba _netr_ServerPasswordSet Uninitialized Credential State

2015-03-05 05:50:14

fedora

[SECURITY] Fedora 21 Update: samba-4.1.17-1.fc21

2015-02-25 13:30:51

[SECURITY] Fedora 20 Update: samba-4.1.17-1.fc20

2015-02-25 13:28:25

exploitdb

Samba < 3.6.2 (x86) - Denial of Service (PoC)

2015-04-13 00:00:00

gentoo

Samba: Multiple vulnerabilities

2015-02-25 00:00:00

kitploit

Jok3R - Network And Web Pentest Framework

2019-01-23 12:25:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Related for F5:K16350