All versions of Samba from 3.5.0 to 4.2.0rc4 are
vulnerable to an unexpected code execution vulnerability
in the smbd file server daemon.
A malicious client could send packets that may set up the
stack in such a way that the freeing of memory in a
subsequent anonymous netlogon packet could allow execution
of arbitrary code. This code would execute with root
privileges.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsamba4= 4.0.0UNKNOWN
FreeBSDanynoarchsamba4< 4.0.25UNKNOWN
FreeBSDanynoarchsamba41= 4.1.0UNKNOWN
FreeBSDanynoarchsamba41< 4.1.17UNKNOWN
FreeBSDanynoarchsamba36= 3.6.0UNKNOWN
FreeBSDanynoarchsamba36< 3.6.25UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	samba4	= 4.0.0	UNKNOWN
FreeBSD	any	noarch	samba4	< 4.0.25	UNKNOWN
FreeBSD	any	noarch	samba41	= 4.1.0	UNKNOWN
FreeBSD	any	noarch	samba41	< 4.1.17	UNKNOWN
FreeBSD	any	noarch	samba36	= 3.6.0	UNKNOWN
FreeBSD	any	noarch	samba36	< 3.6.25	UNKNOWN

References

www.samba.org/samba/security/CVE-2015-0240

f5 2

nessus 38

suse 7

openvas 31

centos 4

cisa 1

debiancve 1

securityvulns 1

altlinux 4

redhat 9

myhack58 1

thn 1

fedora 2

ubuntucve 1

debian 3

ibm 2

mageia 1

cvelist 1

metasploit 1

exploitpack 1

archlinux 1

zdt 1

ubuntu 1

samba 1

veracode 1

prion 1

nvd 1

cve 1

oraclelinux 5

slackware 1

seebug 1

checkpoint_advisories 1

lenovo 2

osv 2

exploitdb 1

gentoo 1

kitploit 1

SOL16350 - Samba vulnerability CVE-2015-0240

2015-04-02 00:00:00

K16350 : Samba vulnerability CVE-2015-0240

2015-04-02 00:00:00

nessus

RHEL 6 : samba4 (RHSA-2015:0255)

2015-02-24 00:00:00

Oracle Linux 7 : samba (ELSA-2015-0252)

2015-02-24 00:00:00

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2015:0353-1)

2015-05-20 00:00:00

suse

Security update for samba (important)

2015-02-23 16:05:05

Security update for Samba (important)

2015-02-25 08:09:00

Security update for Samba (important)

2015-02-27 11:04:55

openvas

CentOS Update for libsmbclient CESA-2015:0251 centos6

2015-02-25 00:00:00

RedHat Update for samba4 RHSA-2015:0250-01

2015-02-25 00:00:00

CentOS Update for samba4 CESA-2015:0250 centos6

2015-02-25 00:00:00

centos

samba4 security update

2015-02-23 14:24:03

libsmbclient, samba security update

2015-02-23 14:23:09

samba3x security update

2015-02-23 14:18:15

cisa

Samba Remote Code Execution Vulnerability

2015-02-24 00:00:00

debiancve

CVE-2015-0240

2015-02-24 01:59:00

securityvulns

Samba memory corruption

2015-02-23 00:00:00

altlinux

Security fix for the ALT Linux 8 package samba-DC version 4.1.17-alt1

2015-02-23 00:00:00

Security fix for the ALT Linux 10 package samba version 4.1.17-alt1

2015-02-23 00:00:00

Security fix for the ALT Linux 6 package samba version 3.5.22-alt0.M60P.1

2015-02-24 00:00:00

redhat

(RHSA-2015:0255) Critical: samba4 security update

2015-02-23 00:00:00

(RHSA-2015:0250) Critical: samba4 security update

2015-02-23 00:00:00

(RHSA-2015:0254) Critical: samba security update

2015-02-23 00:00:00

myhack58

Samba CVE-2 0 1 5-0 2 4 0 remote code execution exploit practice-vulnerability warning-the black bar safety net

2015-04-14 00:00:00

thn

Samba Service Hit By Remote Code Execution Vulnerability

2015-02-24 00:10:00

fedora

[SECURITY] Fedora 21 Update: samba-4.1.17-1.fc21

2015-02-25 13:30:51

[SECURITY] Fedora 20 Update: samba-4.1.17-1.fc20

2015-02-25 13:28:25

ubuntucve

CVE-2015-0240

2015-02-23 00:00:00

debian

[SECURITY] [DSA 3171-1] samba security update

2015-02-23 11:48:45

[SECURITY] [DLA 156-1] samba security update

2015-02-23 17:00:36

[SECURITY] [DSA 3171-1] samba security update

2015-02-23 11:48:45

ibm

Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2015-0240)

2018-06-18 00:09:22

Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2015-0240)

2018-06-18 00:09:17

mageia

Updated samba packages fix CVE-2015-0240

2015-02-25 00:20:13

cvelist

CVE-2015-0240

2015-02-24 01:00:00

metasploit

Samba _netr_ServerPasswordSet Uninitialized Credential State

2015-03-05 05:50:14

exploitpack

Samba 3.6.2 (x86) - Denial of Service (PoC)

2015-04-13 00:00:00

archlinux

samba: arbitrary code execution

2015-02-23 00:00:00

zdt

Samba < 3.6.2 x86 - PoC

2015-04-15 00:00:00

ubuntu

Samba vulnerability

2015-02-23 00:00:00

samba

Unexpected code execution in smbd.

2015-02-23 00:00:00

veracode

Arbitrary Code Execution

2019-01-15 09:04:32

prion

Null pointer dereference

2015-02-24 01:59:00

nvd

CVE-2015-0240

2015-02-24 01:59:00

cve

CVE-2015-0240

2015-02-24 01:59:00

oraclelinux

samba security update

2015-02-23 00:00:00

samba4 security update

2015-02-23 00:00:00

samba security update

2015-02-23 00:00:00

slackware

[slackware-security] samba

2015-03-05 22:49:31

seebug

Samba NetLogon未初始化指针漏洞（CVE-2015-0240）

2015-11-13 00:00:00

checkpoint_advisories

Samba smbd ServerPasswordSet RPC Memory Corruption (CVE-2015-0240)

2015-03-03 00:00:00

lenovo

Samba Remote Code Execution Vulnerability - Lenovo Support US

2017-01-23 00:00:00

Samba Remote Code Execution Vulnerability

2017-01-23 00:00:00

osv

samba - security update

2015-02-23 00:00:00

samba - security update

2015-02-23 00:00:00

exploitdb

Samba < 3.6.2 (x86) - Denial of Service (PoC)

2015-04-13 00:00:00

gentoo

Samba: Multiple vulnerabilities

2015-02-25 00:00:00

kitploit

Jok3R - Network And Web Pentest Framework

2019-01-23 12:25:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Related for 996C219C-BBB1-11E4-88AE-D050992ECDE8