CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
91.9%
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
debian | cifs-utils | * | cpe:2.3:a:debian:cifs-utils:*:*:*:*:*:*:*:* |
advisories.mageia.org/MGASA-2014-0242.html
seclists.org/oss-sec/2014/q2/96
www.mandriva.com/security/advisories?name=MDVSA-2015:114
bugs.mageia.org/show_bug.cgi?id=13386
bugzilla.novell.com/show_bug.cgi?id=870168
bugzilla.redhat.com/show_bug.cgi?id=1086224
lists.samba.org/archive/samba-technical/2014-July/101132.html
security.gentoo.org/glsa/201612-08