mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
425 lines
15 KiB
JSON
425 lines
15 KiB
JSON
{
|
|
"id": "CVE-2014-0244",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2014-06-23T14:55:05.277",
|
|
"lastModified": "2018-10-09T19:41:59.263",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La funci\u00f3n sys_recvfrom en nmbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y consumo de CPU) a trav\u00e9s de un paquete UDP malformado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "ADJACENT_NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 3.3
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 6.5,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6CB9C10B-284E-48CD-A524-1A6BF828AED9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F70DD815-1DAA-4025-8C97-32C7D06D8AB0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A37DA6E-6EB7-429B-ACE0-2B1220BD62C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3CA25E8C-9EFA-4A01-A2F0-CD63A39EDD08"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41C33F47-0F28-4AE2-A895-82B5E0F4496D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F6EEFF35-E903-4651-A4B4-D92FF26A7509"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B44BD172-80FA-4260-BAFB-251A95E8C7B4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F09116D2-F168-4305-9A1D-88A1D42739A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "558E0B71-F79E-47B5-90CC-9C165BB15507"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0DEEFFF7-DF7C-4641-81A9-1CD64DC29DEC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2855B3F6-49B6-4D25-BEAC-4D1797D1E100"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C1F1993-70A2-4104-85AF-3BECB330AB24"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E955458C-8F5C-4D55-9F78-9E1CB4416F10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "866FF7AC-19EA-49E7-B423-9FF57839B580"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2A1A64C7-B039-4724-B06C-EAC898EB3B73"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C572E25A-4B44-426D-B637-292A08766D7F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6D96D806-ED52-4010-9F5F-F84E33C245D2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "643FC7D2-FC39-43FA-99E6-805553FE1DCB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2B95519-0C9D-473C-912D-E350106DC4CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DC603E1A-7882-45F0-9E8D-157F191C0FD3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E4F9321C-B442-4081-8E4A-62BAD95239A1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "012A397B-004D-489C-B06D-C0D67E26B1CE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "392E0C61-7718-4DBC-8F02-6F3C2CBE1783"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D893CD1C-31D7-4F7F-BD0B-BEF75DCB2DAA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "324AE9D7-C41F-493E-A1AD-FCD869D29D51"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "68519B1F-F315-4BBD-A4A3-4E1956D81E85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EF745E93-A92E-4AD7-8D42-36E9387C6915"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "30E4B760-417E-45D1-9CE1-AEBC8936BDA6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "66999F57-FF99-419F-BB12-35DC79FCE945"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5BD1356E-3B43-4C5B-9969-902440918EE9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7A7F3209-B376-490B-A761-2CCB6CEE209A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "406C2297-B58D-4623-9E7A-2C438ABBAC93"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6AF0DD4-08D4-4726-8A12-E979FF3322B0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F98DE75F-84AD-42EE-B9DA-8AFF22D2BF3C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E3DAE05B-9086-4702-9586-77B34399E1EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DA544013-8FAC-4452-9D38-081C514E2981"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "21DE15C9-3308-4DE0-8048-9B06AF4D7343"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62CB4968-F331-4653-8B9F-75BA4BB7A6D7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3470D075-CCF2-42A1-A8C9-E375FC05FF47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EDA72F88-6799-4E6C-B73C-C92616B04661"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EF17CB71-6E46-4A1E-9EAB-7D2E182D56C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E7FA486-73CE-4226-86C6-DA8383C5578F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B17D2B72-19E2-4DE6-B1E3-F1823E2690BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FAC6922A-03CD-484A-BF40-F8F937428062"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8470C251-2874-4047-A759-F8D5C6D5C755"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "332308A1-4BA4-4BC7-8B4B-7463CF98B664"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE7DEA84-27E5-4CF0-AC2A-B128BB5AE199"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "455B73D1-E8F1-478C-8CEB-79E4B5F33A78"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1AC49023-CAD6-4875-BF94-EEC290E8A5A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.21:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C42BFAF8-5822-4782-B60D-BCB131834419"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BB1FD9EF-A863-48C6-8471-AB1D80B3C1E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:samba:samba:3.6.23:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4B8A690-81D0-40C4-9301-CF1992C2DA0E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://advisories.mageia.org/MGASA-2014-0279.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://linux.oracle.com/errata/ELSA-2014-0866.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2014-0866.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/59407",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/59433",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/61218",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201502-15.xml",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:136",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.samba.org/samba/security/CVE-2014-0244",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/532757/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/68148",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1030455",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |