Lucene search

PRIOn knowledge basePRION:CVE-2015-0240

HistoryFeb 24, 2015 - 1:59 a.m.

Null pointer dereference

2015-02-2401:59:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq14.10
ubuntu_linuxeq14.04
suse_linux_enterprise_desktopeq12
suse_linux_enterprise_servereq12
suse_linux_enterprise_software_development_kiteq12
enterprise_linuxeq7.0
enterprise_linuxeq6.0
enterprise_linuxeq5
sambaeq4.1.9

Name	Operator	Version
ubuntu_linux	eq	12.04
ubuntu_linux	eq	14.10
ubuntu_linux	eq	14.04
suse_linux_enterprise_desktop	eq	12
suse_linux_enterprise_server	eq	12
suse_linux_enterprise_software_development_kit	eq	12
enterprise_linux	eq	7.0
enterprise_linux	eq	6.0
enterprise_linux	eq	5
samba	eq	4.1.9

Rows per page:

1-10 of 961

References

advisories.mageia.org/MGASA-2015-0084.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

rhn.redhat.com/errata/RHSA-2015-0249.html

rhn.redhat.com/errata/RHSA-2015-0250.html

rhn.redhat.com/errata/RHSA-2015-0251.html

rhn.redhat.com/errata/RHSA-2015-0252.html

rhn.redhat.com/errata/RHSA-2015-0253.html

rhn.redhat.com/errata/RHSA-2015-0254.html

rhn.redhat.com/errata/RHSA-2015-0255.html

rhn.redhat.com/errata/RHSA-2015-0256.html

rhn.redhat.com/errata/RHSA-2015-0257.html

security.gentoo.org/glsa/glsa-201502-15.xml

www.debian.org/security/2015/dsa-3171

www.mandriva.com/security/advisories?name=MDVSA-2015:081

www.mandriva.com/security/advisories?name=MDVSA-2015:082

www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

www.securityfocus.com/bid/72711

www.securitytracker.com/id/1031783

www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345

www.ubuntu.com/usn/USN-2508-1

access.redhat.com/articles/1346913

bugzilla.redhat.com/show_bug.cgi?id=1191325

marc.info/?l=bugtraq&m=142722696102151&w=2

marc.info/?l=bugtraq&m=143039217203031&w=2

securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/

support.lenovo.com/product_security/samba_remote_vuln

support.lenovo.com/us/en/product_security/samba_remote_vuln

www.exploit-db.com/exploits/36741/

www.samba.org/samba/security/CVE-2015-0240

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Null pointer dereference

References

Related