CVE - CVE-2015-0240

CVE-ID
CVE-2015-0240	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1031783 URL:http://www.securitytracker.com/id/1031783 MISC:36741 URL:https://www.exploit-db.com/exploits/36741/ MISC:72711 URL:http://www.securityfocus.com/bid/72711 MISC:DSA-3171 URL:http://www.debian.org/security/2015/dsa-3171 MISC:GLSA-201502-15 URL:http://security.gentoo.org/glsa/glsa-201502-15.xml MISC:HPSBGN03288 URL:http://marc.info/?l=bugtraq&m=142722696102151&w=2 MISC:HPSBUX03320 URL:http://marc.info/?l=bugtraq&m=143039217203031&w=2 MISC:MDVSA-2015:081 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2015:081~~ (Obsolete source) MISC:MDVSA-2015:082 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2015:082~~ (Obsolete source) MISC:RHSA-2015:0249 URL:http://rhn.redhat.com/errata/RHSA-2015-0249.html MISC:RHSA-2015:0250 URL:http://rhn.redhat.com/errata/RHSA-2015-0250.html MISC:RHSA-2015:0251 URL:http://rhn.redhat.com/errata/RHSA-2015-0251.html MISC:RHSA-2015:0252 URL:http://rhn.redhat.com/errata/RHSA-2015-0252.html MISC:RHSA-2015:0253 URL:http://rhn.redhat.com/errata/RHSA-2015-0253.html MISC:RHSA-2015:0254 URL:http://rhn.redhat.com/errata/RHSA-2015-0254.html MISC:RHSA-2015:0255 URL:http://rhn.redhat.com/errata/RHSA-2015-0255.html MISC:RHSA-2015:0256 URL:http://rhn.redhat.com/errata/RHSA-2015-0256.html MISC:RHSA-2015:0257 URL:http://rhn.redhat.com/errata/RHSA-2015-0257.html MISC:SSA:2015-064-01 URL:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345 MISC:SSRT101952 URL:http://marc.info/?l=bugtraq&m=143039217203031&w=2 MISC:SSRT101979 URL:http://marc.info/?l=bugtraq&m=142722696102151&w=2 MISC:SUSE-SU-2015:0353 URL:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html MISC:SUSE-SU-2015:0371 URL:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html MISC:SUSE-SU-2015:0386 URL:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html MISC:USN-2508-1 URL:http://www.ubuntu.com/usn/USN-2508-1 MISC:http://advisories.mageia.org/MGASA-2015-0084.html URL:http://advisories.mageia.org/MGASA-2015-0084.html MISC:http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html URL:http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html MISC:https://access.redhat.com/articles/1346913 URL:https://access.redhat.com/articles/1346913 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1191325 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1191325 MISC:https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/ URL:https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/ MISC:https://support.lenovo.com/product_security/samba_remote_vuln URL:https://support.lenovo.com/product_security/samba_remote_vuln MISC:https://support.lenovo.com/us/en/product_security/samba_remote_vuln URL:https://support.lenovo.com/us/en/product_security/samba_remote_vuln MISC:https://www.samba.org/samba/security/CVE-2015-0240 URL:https://www.samba.org/samba/security/CVE-2015-0240 MISC:openSUSE-SU-2015:0375 URL:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html MISC:openSUSE-SU-2016:1064 URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html MISC:openSUSE-SU-2016:1106 URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html MISC:openSUSE-SU-2016:1107 URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Assigning CNA
Red Hat, Inc.
Date Record Created
20141118	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20141118)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)