Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105231
Category:General
Title:Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability
Summary:Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability
Description:Summary:
Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability

Vulnerability Insight:
The Netlogon server implementation in smbd performs a free operation on an
uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets
that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function
in rpc_server/netlogon/srv_netlog_nt.c.

Vulnerability Impact:
An attacker can exploit this issue to execute arbitrary code with root
privileges. Failed exploit attempts will cause a denial-of-service condition

Affected Software/OS:
Samba 3.5.x and 3.6.x before 3.6.25,
4.0.x before 4.0.25,
4.1.x before 4.1.17,
and 4.2.x before 4.2.0rc5

Solution:
Updates are available. Please see the references or vendor advisory for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 72711
Common Vulnerability Exposure (CVE) ID: CVE-2015-0240
http://www.securityfocus.com/bid/72711
Debian Security Information: DSA-3171 (Google Search)
http://www.debian.org/security/2015/dsa-3171
https://www.exploit-db.com/exploits/36741/
http://security.gentoo.org/glsa/glsa-201502-15.xml
HPdes Security Advisory: HPSBGN03288
http://marc.info/?l=bugtraq&m=142722696102151&w=2
HPdes Security Advisory: HPSBUX03320
http://marc.info/?l=bugtraq&m=143039217203031&w=2
HPdes Security Advisory: SSRT101952
HPdes Security Advisory: SSRT101979
http://www.mandriva.com/security/advisories?name=MDVSA-2015:081
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
RedHat Security Advisories: RHSA-2015:0249
http://rhn.redhat.com/errata/RHSA-2015-0249.html
RedHat Security Advisories: RHSA-2015:0250
http://rhn.redhat.com/errata/RHSA-2015-0250.html
RedHat Security Advisories: RHSA-2015:0251
http://rhn.redhat.com/errata/RHSA-2015-0251.html
RedHat Security Advisories: RHSA-2015:0252
http://rhn.redhat.com/errata/RHSA-2015-0252.html
RedHat Security Advisories: RHSA-2015:0253
http://rhn.redhat.com/errata/RHSA-2015-0253.html
RedHat Security Advisories: RHSA-2015:0254
http://rhn.redhat.com/errata/RHSA-2015-0254.html
RedHat Security Advisories: RHSA-2015:0255
http://rhn.redhat.com/errata/RHSA-2015-0255.html
RedHat Security Advisories: RHSA-2015:0256
http://rhn.redhat.com/errata/RHSA-2015-0256.html
RedHat Security Advisories: RHSA-2015:0257
http://rhn.redhat.com/errata/RHSA-2015-0257.html
http://www.securitytracker.com/id/1031783
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345
SuSE Security Announcement: SUSE-SU-2015:0353 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:0371 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html
SuSE Security Announcement: SUSE-SU-2015:0386 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html
SuSE Security Announcement: openSUSE-SU-2015:0375 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
SuSE Security Announcement: openSUSE-SU-2016:1064 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
SuSE Security Announcement: openSUSE-SU-2016:1106 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
SuSE Security Announcement: openSUSE-SU-2016:1107 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
http://www.ubuntu.com/usn/USN-2508-1
CopyrightThis script is Copyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.