what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2015-0240

Status Candidate

Overview

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

Related Files

HP Security Bulletin HPSBUX03320 SSRT101952 1
Posted Apr 30, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03320 SSRT101952 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), execution of arbitrary code, or unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2015-0240
SHA-256 | e973ffb6dafb6ca7009b2cd65cdfaa080bc145cae7286e26749ee0040f2ca8fc
Mandriva Linux Security Advisory 2015-082
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-082 - In Samba before 3.6.23, the SAMR server neglects to ensure that attempted password changes will update the bad password count, and does not set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly. This is available without any other authentication. Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS ame service. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server. An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user).

tags | advisory, denial of service, arbitrary, root, code execution
systems | linux, mandriva
advisories | CVE-2013-4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240
SHA-256 | a746da07e0936d2f90ff3113f5c91d8a56d359101e9fd3c4b400291184eac8c7
Mandriva Linux Security Advisory 2015-083
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-083 - Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation. An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). The updated packages provides a solution for these security issues.

tags | advisory, remote, arbitrary, root, code execution
systems | linux, mandriva
advisories | CVE-2014-8143, CVE-2015-0240
SHA-256 | b6781691dfb29aa5e6e3e339abaa996f02a7b1e269ae9c8c690e09e7e8f9ed2a
Mandriva Linux Security Advisory 2015-081
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-081 - An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user).

tags | advisory, arbitrary, root, code execution
systems | linux, mandriva
advisories | CVE-2015-0240
SHA-256 | fa2365b1ed1e17c66739c446a1c933e66dcd0dca5792983245ef2a8408c4c002
HP Security Bulletin HPSBGN03288 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03288 1 - A potential security vulnerability has been identified with HP Server Automation. This vulnerability could be exploited remotely to allow execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2015-0240
SHA-256 | d6a1647519e8e6318998d9bf72dbd53af0d42837ee32a610e3accf6ae3e02c08
Slackware Security Advisory - samba Updates
Posted Mar 9, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-0240
SHA-256 | 395f5f75150584b529e443ac6c4239929607552fcf310a6961ec6a0cb5f4515e
Gentoo Linux Security Advisory 201502-15
Posted Feb 26, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-15 - Multiple vulnerabilities have been found in Samba, the worst of which allowing a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code. Versions less than 3.6.25 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4476, CVE-2013-4496, CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240
SHA-256 | 606c956ce8f163cd743c45062fd6201fce247d72cbe7bc650aed2d2440e1861b
Red Hat Security Advisory 2015-0257-01
Posted Feb 24, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0257-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 8d76cd4b796bce158991cd0e1051183c70804b81ce9d0272e76292fb6fc1201a
Ubuntu Security Notice USN-2508-1
Posted Feb 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2508-1 - Richard van Eeden discovered that the Samba smbd file services incorrectly handled memory. A remote attacker could use this issue to possibly execute arbitrary code with root privileges.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2015-0240
SHA-256 | 8f0eb27d03b4e301f5738acc1808a68c1d0bbee2df8f1929bbc908fecacc20be
Debian Security Advisory 3171-1
Posted Feb 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3171-1 - Richard van Eeden of Microsoft Vulnerability Research discovered that Samba, a SMB/CIFS file, print, and login server for Unix, contains a flaw in the netlogon server code which allows remote code execution with root privileges from an unauthenticated connection.

tags | advisory, remote, root, code execution
systems | linux, unix, debian
advisories | CVE-2015-0240
SHA-256 | 3a3f953fda09a742df9d1191a2a8a008bfb65321af16ac862f950df2fe6b22a1
Red Hat Security Advisory 2015-0250-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0250-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 223f087cb4c18b5e0df4bbb85c9e8c9802320e9a7503f9196e17bcd0c3f87e1a
Red Hat Security Advisory 2015-0254-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0254-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 396be548967c22bd3cfcf184d1b4b49564094a2ab6b42daf22a9788fe15649e8
Red Hat Security Advisory 2015-0252-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0252-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 90e5160b394e909032d08c8d71259155a8f664cabf465508cf1381d7bc647339
Red Hat Security Advisory 2015-0251-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0251-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 3e27df70935a97c29c3bc1050f9042e807f4ffc3f4197c8673145842ae07c09e
Red Hat Security Advisory 2015-0249-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0249-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | 053bc1510a3be04466b10bbd8804b882a6add648db0c66bcfbe4dd30016cdbfe
Red Hat Security Advisory 2015-0252-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0252-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | e44b9c545254680c21421cab45a6331b3e099d99facf78667d0a998df43b7c4a
Red Hat Security Advisory 2015-0256-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0256-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | ec46e600dcabda559a0e3ba2be776e8ee6d00d84b7580e9b7a7b574ae8035edf
Red Hat Security Advisory 2015-0255-01
Posted Feb 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0255-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2015-0240
SHA-256 | d09ca20340cf3e1cfb11f15e9cd087fa31ba7037c053a37f8a76ceebc3b53f29
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close