oval:org.mitre.oval:def:28955

Definition Id: oval:org.mitre.oval:def:28955

Oval ID:	oval:org.mitre.oval:def:28955
Title:	CIFS Server (Samba) Vulnerability on HPUX
Description:	The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2015-0240	Version:	6
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX03320 HP-UX B.11.31 AND filesets test CIFS-Development.CIFS-PRG version is less than A.03.02.04 AND CIFS-Server.CIFS-ADMIN version is less than A.03.02.04 AND CIFS-Server.CIFS-DOC version is less than A.03.02.04 AND CIFS-Server.CIFS-LIB version is less than A.03.02.04 AND CIFS-Server.CIFS-RUN version is less than A.03.02.04 AND CIFS-Server.CIFS-UTIL version is less than A.03.02.04 OR Criteria meets HP Security Bulletin HPSBUX03320 HP-UX B.11.23 AND filesets tests CIFS-Development.CIFS-PRG version is less than A.03.02.05 AND CIFS-Server.CIFS-ADMIN version is less than A.03.02.05 AND CIFS-Server.CIFS-DOC version is less than A.03.02.05 AND CIFS-Server.CIFS-LIB version is less than A.03.02.05 AND CIFS-Server.CIFS-RUN version is less than A.03.02.05 AND CIFS-Server.CIFS-UTIL version is less than A.03.02.05

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0289s

Facebook rss twitter linkedin mail