Lucene search

K

PRIOn knowledge basePRION:CVE-2014-3560

HistoryAug 06, 2014 - 6:55 p.m.

Heap overflow

2014-08-0618:55:00

PRIOn knowledge base

www.prio-n.com

9

8.1 High

AI Score

Confidence

Low

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.934 High

EPSS

Percentile

99.0%

NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.

CPENameOperatorVersion
ubuntu_linuxeq14.04
enterprise_linuxeq7.0
enterprise_linuxeq6.0
sambaeq4.1.9
sambaeq4.1.7
sambaeq4.1.8
sambaeq4.1.5
sambaeq4.1.6
sambaeq4.1.4
sambaeq4.1.0

Rows per page:

1-10 of 351

References

lists.opensuse.org/opensuse-updates/2014-08/msg00027.html

secunia.com/advisories/59583

secunia.com/advisories/59610

secunia.com/advisories/59976

www.securityfocus.com/bid/69021

www.securitytracker.com/id/1030663

www.ubuntu.com/usn/USN-2305-1

bugzilla.redhat.com/show_bug.cgi?id=1126010

exchange.xforce.ibmcloud.com/vulnerabilities/95081

git.samba.org/?p=samba.git%3Ba=commitdiff%3Bh=e6a848630da3ba958c442438ea131c99fa088605

git.samba.org/?p=samba.git%3Ba=commitdiff%3Bh=fb1d325d96dfe9bc2e9c4ec46ad4c55e8f18f4a2

lists.fedoraproject.org/pipermail/package-announce/2014-August/136280.html

lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html

www.samba.org/samba/security/CVE-2014-3560

8.1 High

AI Score

Confidence

Low

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.934 High

EPSS

Percentile

99.0%

Related for PRION:CVE-2014-3560

nessus14 altlinux3 securityvulns2 oraclelinux2 cvelist1 openvas13 centos2 veracode1 ubuntucve1 debiancve1 samba1 checkpoint_advisories1 redhat2 freebsd1 threatpost1 ubuntu1 slackware1 cve1 fedora3