CVE-2015-0240

Severity

Theme

CVE-2015-0240

high

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

ID	Name	Product	Family	Severity
146265	RHEL 6 : Storage Server (RHSA-2015:0257)	Nessus	Red Hat Local Security Checks	critical
90609	openSUSE Security Update : samba (openSUSE-2016-490) (Badlock)	Nessus	SuSE Local Security Checks	high
90558	openSUSE Security Update : samba (openSUSE-2016-462) (Badlock)	Nessus	SuSE Local Security Checks	high
83687	SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2015:0353-1)	Nessus	SuSE Local Security Checks	critical
8753	Samba 3.5.x / 3.6.x < 3.6.25 / 4.0.x < 4.0.25 / 4.1.x < 4.1.17 / 4.2.x < 4.2rc5 TALLOC_FREE() RCE	Nessus Network Monitor	Samba	critical
82336	Mandriva Linux Security Advisory : samba4 (MDVSA-2015:083)	Nessus	Mandriva Local Security Checks	critical
82335	Mandriva Linux Security Advisory : samba (MDVSA-2015:082)	Nessus	Mandriva Local Security Checks	critical
82334	Mandriva Linux Security Advisory : samba (MDVSA-2015:081)	Nessus	Mandriva Local Security Checks	critical
82139	Debian DLA-156-1 : samba security update	Nessus	Debian Local Security Checks	critical
81653	Slackware 14.1 / current : samba (SSA:2015-064-01)	Nessus	Slackware Local Security Checks	critical
81561	openSUSE Security Update : samba (openSUSE-2015-179)	Nessus	SuSE Local Security Checks	critical
81536	GLSA-201502-15 : Samba: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
81508	SuSE 11.3 Security Update : Samba (SAT Patch Number 10321)	Nessus	SuSE Local Security Checks	critical
81485	Samba 3.5.x < 3.5.22 / 3.6.x < 3.6.25 / 4.0.x < 4.0.25 / 4.1.x < 4.1.17 TALLOC_FREE() RCE	Nessus	Misc.	critical
81483	Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : samba vulnerability (USN-2508-1)	Nessus	Ubuntu Local Security Checks	critical
81479	Scientific Linux Security Update : samba on SL7.x x86_64 (20150223)	Nessus	Scientific Linux Local Security Checks	critical
81478	Scientific Linux Security Update : samba on SL6.x, SL7.x i386/x86_64 (20150223)	Nessus	Scientific Linux Local Security Checks	critical
81477	Scientific Linux Security Update : samba on SL5.x i386 (20150223)	Nessus	Scientific Linux Local Security Checks	critical
81476	Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20150223)	Nessus	Scientific Linux Local Security Checks	critical
81475	RHEL 6 : Storage Server (RHSA-2015:0256)	Nessus	Red Hat Local Security Checks	critical
81474	RHEL 6 : samba4 (RHSA-2015:0255)	Nessus	Red Hat Local Security Checks	critical
81473	RHEL 6 : samba (RHSA-2015:0254)	Nessus	Red Hat Local Security Checks	critical
81472	RHEL 5 : samba3x (RHSA-2015:0253)	Nessus	Red Hat Local Security Checks	critical
81471	RHEL 7 : samba (RHSA-2015:0252)	Nessus	Red Hat Local Security Checks	critical
81470	RHEL 6 : samba (RHSA-2015:0251)	Nessus	Red Hat Local Security Checks	critical
81469	RHEL 6 : samba4 (RHSA-2015:0250)	Nessus	Red Hat Local Security Checks	critical
81468	RHEL 5 : samba3x (RHSA-2015:0249)	Nessus	Red Hat Local Security Checks	critical
81467	Oracle Linux 7 : samba (ELSA-2015-0252)	Nessus	Oracle Linux Local Security Checks	critical
81466	Oracle Linux 6 : samba (ELSA-2015-0251)	Nessus	Oracle Linux Local Security Checks	critical
81465	Oracle Linux 6 : samba4 (ELSA-2015-0250)	Nessus	Oracle Linux Local Security Checks	critical
81464	Oracle Linux 5 : samba3x (ELSA-2015-0249)	Nessus	Oracle Linux Local Security Checks	critical
81463	FreeBSD : samba -- Unexpected code execution in smbd (996c219c-bbb1-11e4-88ae-d050992ecde8)	Nessus	FreeBSD Local Security Checks	critical
81450	Debian DSA-3171-1 : samba - security update	Nessus	Debian Local Security Checks	critical
81443	CentOS 7 : samba (CESA-2015:0252)	Nessus	CentOS Local Security Checks	critical
81442	CentOS 6 : samba (CESA-2015:0251)	Nessus	CentOS Local Security Checks	critical
81441	CentOS 6 : samba4 (CESA-2015:0250)	Nessus	CentOS Local Security Checks	critical
81440	CentOS 5 : samba3x (CESA-2015:0249)	Nessus	CentOS Local Security Checks	critical

CVE-2015-0240

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

critical

high

high

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical