admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2015/0xxx/CVE-2015-0240.json

426 lines
19 KiB
JSON
Raw Normal View History

- Populated repo from CVE List.
2017-10-16 12:31:07 -04:00
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
"CVE_data_meta": {
"ID": "CVE-2015-0240",
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"ASSIGNER": "secalert@redhat.com",
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
"STATE": "PUBLIC"
},
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
"affects": {
"vendor": {
"vendor_data": [
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"vendor_name": "Red Hat",
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
"product": {
"product_data": [
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.6.23-9.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 Long Life",
"version": {
"version_data": [
{
"version_value": "0:3.5.4-0.70.el5_6.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.9 Extended Update Support",
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"version_value": "0:3.6.6-0.131.el5_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:4.0.0-66.el6_6.rc4",
"version_affected": "!"
},
{
"version_value": "0:3.6.23-14.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:3.5.10-119.el6_2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:3.6.9-151.el6_4.3",
"version_affected": "!"
},
{
"version_value": "0:4.0.0-57.el6_4.rc4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:3.6.9-171.el6_5",
"version_affected": "!"
},
{
"version_value": "0:4.0.0-65.el6_5.rc4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.1.1-38.el7_0",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Storage 2.1",
"version": {
"version_data": [
{
"version_value": "0:3.6.9-167.10.3.el6rhs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Storage 3 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.6.509-169.6.el6rhs",
"version_affected": "!"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
}
]
}
}
]
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
}
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
}
- Populated repo from CVE List.
2017-10-16 12:31:07 -04:00
]
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
}
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://security.gentoo.org/glsa/glsa-201502-15.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201502-15.xml"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://advisories.mageia.org/MGASA-2015-0084.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2015-0084.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://marc.info/?l=bugtraq&m=142722696102151&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=142722696102151&w=2"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://marc.info/?l=bugtraq&m=143039217203031&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=143039217203031&w=2"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0249.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0249.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0250.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0250.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0251.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0251.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0252.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0252.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0253.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0253.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0254.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0254.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0255.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0255.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0256.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0256.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2015-0257.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0257.html"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.debian.org/security/2015/dsa-3171",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3171"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:081",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:081"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.securityfocus.com/bid/72711",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/72711"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.securitytracker.com/id/1031783",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1031783"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345",
"refsource": "MISC",
"name": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "http://www.ubuntu.com/usn/USN-2508-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2508-1"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/articles/1346913",
"refsource": "MISC",
"name": "https://access.redhat.com/articles/1346913"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0249",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0249"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0250",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0250"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0251",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0251"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0252",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0252"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0253",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0253"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0254",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0254"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0255",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0255"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0256",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0256"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/errata/RHSA-2015:0257",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0257"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
},
{
"-Synchronized-Data."
2023-02-02 20:01:59 +00:00
"url": "https://access.redhat.com/security/cve/CVE-2015-0240",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-0240"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191325",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1191325"
},
{
"url": "https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/",
"refsource": "MISC",
"name": "https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/"
},
{
"url": "https://support.lenovo.com/product_security/samba_remote_vuln",
"refsource": "MISC",
"name": "https://support.lenovo.com/product_security/samba_remote_vuln"
},
{
"url": "https://support.lenovo.com/us/en/product_security/samba_remote_vuln",
"refsource": "MISC",
"name": "https://support.lenovo.com/us/en/product_security/samba_remote_vuln"
},
{
"url": "https://www.exploit-db.com/exploits/36741/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/36741/"
},
{
"url": "https://www.samba.org/samba/security/CVE-2015-0240",
"refsource": "MISC",
"name": "https://www.samba.org/samba/security/CVE-2015-0240"
}
]
},
"work_around": [
{
"lang": "en",
"value": "On Samba versions 4.0.0 and above, add the line:\n\nrpc_server:netlogon=disabled\n\nto the [global] section of your smb.conf. For Samba versions 3.6.x and\nearlier, this workaround is not available."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
"-Synchronized-Data."
2019-03-18 05:53:14 +00:00
}
]
}
}
Reference in New Issue Copy Permalink