CVE-2015-0240 Information

Description

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

Reference

http://advisories.mageia.org/MGASA-2015-0084.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
http://marc.info/?l=bugtraq&m=142722696102151&w=2
http://marc.info/?l=bugtraq&m=143039217203031&w=2
http://rhn.redhat.com/errata/RHSA-2015-0249.html
http://rhn.redhat.com/errata/RHSA-2015-0250.html
http://rhn.redhat.com/errata/RHSA-2015-0251.html
http://rhn.redhat.com/errata/RHSA-2015-0252.html
http://rhn.redhat.com/errata/RHSA-2015-0253.html
http://rhn.redhat.com/errata/RHSA-2015-0254.html
http://rhn.redhat.com/errata/RHSA-2015-0255.html
http://rhn.redhat.com/errata/RHSA-2015-0256.html
http://rhn.redhat.com/errata/RHSA-2015-0257.html
http://security.gentoo.org/glsa/glsa-201502-15.xml
http://www.debian.org/security/2015/dsa-3171
http://www.mandriva.com/security/advisories?name=MDVSA-2015:081
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.securityfocus.com/bid/72711
http://www.securitytracker.com/id/1031783
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345
http://www.ubuntu.com/usn/USN-2508-1
https://access.redhat.com/articles/1346913
https://bugzilla.redhat.com/show_bug.cgi?id=1191325
https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/
https://support.lenovo.com/product_security/samba_remote_vuln
https://support.lenovo.com/us/en/product_security/samba_remote_vuln
https://www.exploit-db.com/exploits/36741/
https://www.samba.org/samba/security/CVE-2015-0240
