mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
243 lines
8.4 KiB
JSON
243 lines
8.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2015-0240",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "36741",
|
|
"refsource" : "EXPLOIT-DB",
|
|
"url" : "https://www.exploit-db.com/exploits/36741/"
|
|
},
|
|
{
|
|
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1191325",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1191325"
|
|
},
|
|
{
|
|
"name" : "https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/"
|
|
},
|
|
{
|
|
"name" : "https://www.samba.org/samba/security/CVE-2015-0240",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://www.samba.org/samba/security/CVE-2015-0240"
|
|
},
|
|
{
|
|
"name" : "https://access.redhat.com/articles/1346913",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://access.redhat.com/articles/1346913"
|
|
},
|
|
{
|
|
"name" : "http://advisories.mageia.org/MGASA-2015-0084.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://advisories.mageia.org/MGASA-2015-0084.html"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
|
|
},
|
|
{
|
|
"name" : "https://support.lenovo.com/product_security/samba_remote_vuln",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.lenovo.com/product_security/samba_remote_vuln"
|
|
},
|
|
{
|
|
"name" : "https://support.lenovo.com/us/en/product_security/samba_remote_vuln",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.lenovo.com/us/en/product_security/samba_remote_vuln"
|
|
},
|
|
{
|
|
"name" : "DSA-3171",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2015/dsa-3171"
|
|
},
|
|
{
|
|
"name" : "GLSA-201502-15",
|
|
"refsource" : "GENTOO",
|
|
"url" : "http://security.gentoo.org/glsa/glsa-201502-15.xml"
|
|
},
|
|
{
|
|
"name" : "HPSBGN03288",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142722696102151&w=2"
|
|
},
|
|
{
|
|
"name" : "SSRT101979",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142722696102151&w=2"
|
|
},
|
|
{
|
|
"name" : "HPSBUX03320",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=143039217203031&w=2"
|
|
},
|
|
{
|
|
"name" : "SSRT101952",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=143039217203031&w=2"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2015:081",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:081"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2015:082",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0249",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0249.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0250",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0250.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0251",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0251.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0252",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0252.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0253",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0253.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0254",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0254.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0255",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0255.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0256",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0256.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0257",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0257.html"
|
|
},
|
|
{
|
|
"name" : "SSA:2015-064-01",
|
|
"refsource" : "SLACKWARE",
|
|
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345"
|
|
},
|
|
{
|
|
"name" : "SUSE-SU-2015:0353",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html"
|
|
},
|
|
{
|
|
"name" : "SUSE-SU-2015:0371",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html"
|
|
},
|
|
{
|
|
"name" : "SUSE-SU-2015:0386",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html"
|
|
},
|
|
{
|
|
"name" : "openSUSE-SU-2015:0375",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html"
|
|
},
|
|
{
|
|
"name" : "openSUSE-SU-2016:1064",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html"
|
|
},
|
|
{
|
|
"name" : "openSUSE-SU-2016:1106",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html"
|
|
},
|
|
{
|
|
"name" : "openSUSE-SU-2016:1107",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html"
|
|
},
|
|
{
|
|
"name" : "USN-2508-1",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/USN-2508-1"
|
|
},
|
|
{
|
|
"name" : "72711",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/72711"
|
|
},
|
|
{
|
|
"name" : "1031783",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://www.securitytracker.com/id/1031783"
|
|
}
|
|
]
|
|
}
|
|
}
|