Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-0250

Опубликовано: 23 фев. 2015
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2015-0250: samba4 security update (CRITICAL)

[4.0.0-66.rc4]

  • related: #1191387 - Update patchset for CVE-2015-0240.

[4.0.0-65.rc4]

  • resolves: #1191387 - CVE-2015-0240: RCE in netlogon.

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

samba4

4.0.0-66.el6_6.rc4

samba4-client

4.0.0-66.el6_6.rc4

samba4-common

4.0.0-66.el6_6.rc4

samba4-dc

4.0.0-66.el6_6.rc4

samba4-dc-libs

4.0.0-66.el6_6.rc4

samba4-devel

4.0.0-66.el6_6.rc4

samba4-libs

4.0.0-66.el6_6.rc4

samba4-pidl

4.0.0-66.el6_6.rc4

samba4-python

4.0.0-66.el6_6.rc4

samba4-swat

4.0.0-66.el6_6.rc4

samba4-test

4.0.0-66.el6_6.rc4

samba4-winbind

4.0.0-66.el6_6.rc4

samba4-winbind-clients

4.0.0-66.el6_6.rc4

samba4-winbind-krb5-locator

4.0.0-66.el6_6.rc4

Oracle Linux i686

samba4

4.0.0-66.el6_6.rc4

samba4-client

4.0.0-66.el6_6.rc4

samba4-common

4.0.0-66.el6_6.rc4

samba4-dc

4.0.0-66.el6_6.rc4

samba4-dc-libs

4.0.0-66.el6_6.rc4

samba4-devel

4.0.0-66.el6_6.rc4

samba4-libs

4.0.0-66.el6_6.rc4

samba4-pidl

4.0.0-66.el6_6.rc4

samba4-python

4.0.0-66.el6_6.rc4

samba4-swat

4.0.0-66.el6_6.rc4

samba4-test

4.0.0-66.el6_6.rc4

samba4-winbind

4.0.0-66.el6_6.rc4

samba4-winbind-clients

4.0.0-66.el6_6.rc4

samba4-winbind-krb5-locator

4.0.0-66.el6_6.rc4

Связанные CVE

CVE-2015-0240

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2015-0240

ubuntu
больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

redhat логотип

CVE-2015-0240

redhat
больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

nvd логотип

CVE-2015-0240

nvd
больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

debian логотип

CVE-2015-0240

debian
больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x be ...

suse-cvrf логотип

SUSE-SU-2015:0371-1

suse-cvrf
больше 10 лет назад

Security update for Samba