5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.7 High
AI Score
Confidence
High
0.916 High
EPSS
Percentile
98.9%
Samba is prone to a heap memory information leak.
# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:samba:samba";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.108295");
script_version("2023-07-14T16:09:27+0000");
script_cve_id("CVE-2017-15275");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"last_modification", value:"2023-07-14 16:09:27 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-08-29 20:43:00 +0000 (Mon, 29 Aug 2022)");
script_tag(name:"creation_date", value:"2017-11-23 07:09:22 +0100 (Thu, 23 Nov 2017)");
script_name("Samba Server 'CVE-2017-15275' Heap Memory Information Leak");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2017 Greenbone AG");
script_family("General");
script_dependencies("smb_nativelanman.nasl", "gb_samba_detect.nasl");
script_mandatory_keys("samba/smb_or_ssh/detected");
script_xref(name:"URL", value:"https://www.samba.org/samba/security/CVE-2017-15275.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/101908");
script_tag(name:"summary", value:"Samba is prone to a heap memory information leak.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The flaw exists due to the server which may return the
contents of heap allocated memory to the client.");
script_tag(name:"impact", value:"There is no known vulnerability associated with this error,
but uncleared heap memory may contain previously used data that may help an attacker compromise
the server via other methods. Uncleared heap memory may potentially contain password hashes or
other high-value data.");
script_tag(name:"affected", value:"Samba versions 3.6.0 to 4.5.14, 4.6.x prior to
4.6.11, 4.7.x prior to 4.7.3.");
script_tag(name:"solution", value:"Update to Samba 4.5.15, 4.6.11, 4.7.3 or later.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
exit(0);
}
include("version_func.inc");
include("host_details.inc");
if( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );
if( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) ) exit( 0 );
vers = infos['version'];
loc = infos['location'];
if( version_in_range( version:vers, test_version:"3.6.0", test_version2:"4.5.14" ) ) {
fix = "4.5.15";
} else if( version_in_range( version:vers, test_version:"4.6.0", test_version2:"4.6.10" ) ) {
fix = "4.6.11";
} else if( version_in_range( version:vers, test_version:"4.7.0", test_version2:"4.7.2" ) ) {
fix = "4.7.3";
}
if( fix ) {
report = report_fixed_ver( installed_version:vers, fixed_version:fix, install_path:loc );
security_message( port:port, data:report );
exit( 0 );
}
exit( 99 );
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.7 High
AI Score
Confidence
High
0.916 High
EPSS
Percentile
98.9%