Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-0240
Description:The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
Test IDs: 1.3.6.1.4.1.25623.1.0.871319   1.3.6.1.4.1.25623.1.0.882119   1.3.6.1.4.1.25623.1.0.842101   1.3.6.1.4.1.25623.1.0.871318   1.3.6.1.4.1.25623.1.0.871316   1.3.6.1.4.1.25623.1.0.882120   1.3.6.1.4.1.25623.1.0.703171   1.3.6.1.4.1.25623.1.0.869042   1.3.6.1.4.1.25623.1.0.882123   1.3.6.1.4.1.25623.1.0.871315   1.3.6.1.4.1.25623.1.0.882121   1.3.6.1.4.1.25623.1.0.105231   1.3.6.1.4.1.25623.1.0.123183   1.3.6.1.4.1.25623.1.0.123182   1.3.6.1.4.1.25623.1.0.123184   1.3.6.1.4.1.25623.1.0.123181   1.3.6.1.4.1.25623.1.0.850777   1.3.6.1.4.1.25623.1.0.851034   1.3.6.1.4.1.25623.1.0.850934   1.3.6.1.4.1.25623.1.1.4.2015.0353.1   1.3.6.1.4.1.25623.1.1.4.2015.0386.1   1.3.6.1.4.1.25623.1.1.4.2015.0371.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-0240
BugTraq ID: 72711
http://www.securityfocus.com/bid/72711
Debian Security Information: DSA-3171 (Google Search)
http://www.debian.org/security/2015/dsa-3171
https://www.exploit-db.com/exploits/36741/
http://security.gentoo.org/glsa/glsa-201502-15.xml
HPdes Security Advisory: HPSBGN03288
http://marc.info/?l=bugtraq&m=142722696102151&w=2
HPdes Security Advisory: HPSBUX03320
http://marc.info/?l=bugtraq&m=143039217203031&w=2
HPdes Security Advisory: SSRT101952
http://marc.info/?l=bugtraq&m=143039217203031&w=2
HPdes Security Advisory: SSRT101979
http://marc.info/?l=bugtraq&m=142722696102151&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2015:081
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
RedHat Security Advisories: RHSA-2015:0249
http://rhn.redhat.com/errata/RHSA-2015-0249.html
RedHat Security Advisories: RHSA-2015:0250
http://rhn.redhat.com/errata/RHSA-2015-0250.html
RedHat Security Advisories: RHSA-2015:0251
http://rhn.redhat.com/errata/RHSA-2015-0251.html
RedHat Security Advisories: RHSA-2015:0252
http://rhn.redhat.com/errata/RHSA-2015-0252.html
RedHat Security Advisories: RHSA-2015:0253
http://rhn.redhat.com/errata/RHSA-2015-0253.html
RedHat Security Advisories: RHSA-2015:0254
http://rhn.redhat.com/errata/RHSA-2015-0254.html
RedHat Security Advisories: RHSA-2015:0255
http://rhn.redhat.com/errata/RHSA-2015-0255.html
RedHat Security Advisories: RHSA-2015:0256
http://rhn.redhat.com/errata/RHSA-2015-0256.html
RedHat Security Advisories: RHSA-2015:0257
http://rhn.redhat.com/errata/RHSA-2015-0257.html
http://www.securitytracker.com/id/1031783
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345
SuSE Security Announcement: SUSE-SU-2015:0353 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:0371 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html
SuSE Security Announcement: SUSE-SU-2015:0386 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html
SuSE Security Announcement: openSUSE-SU-2015:0375 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
SuSE Security Announcement: openSUSE-SU-2016:1064 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
SuSE Security Announcement: openSUSE-SU-2016:1106 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
SuSE Security Announcement: openSUSE-SU-2016:1107 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
http://www.ubuntu.com/usn/USN-2508-1




© 1998-2021 E-Soft Inc. All rights reserved.