CVE-2017-15275

Опубликовано: 21 нояб. 2017

Источник: redhat

CVSS3: 4.3

Описание

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	samba	Will not fix
Red Hat Enterprise Linux 6	samba	Will not fix
Red Hat Enterprise Linux 6	samba4	Fixed	RHSA-2017:3278	29.11.2017
Red Hat Enterprise Linux 7	samba	Fixed	RHSA-2017:3260	27.11.2017
Red Hat Gluster Storage 3.3 for RHEL 6	samba	Fixed	RHSA-2017:3261	27.11.2017
Red Hat Gluster Storage 3.3 for RHEL 7	samba	Fixed	RHSA-2017:3261	27.11.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1512465samba: Server heap-memory disclosure

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-15275

CVSS3: 7.5

ubuntu

больше 7 лет назад

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

CVE-2017-15275

CVSS3: 7.5

nvd

больше 7 лет назад

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

CVE-2017-15275

CVSS3: 7.5

msrc

9 месяцев назад

Описание отсутствует

CVE-2017-15275

CVSS3: 7.5

debian

больше 7 лет назад

Samba before 4.7.3 might allow remote attackers to obtain sensitive in ...

SUSE-SU-2018:0018-1

suse-cvrf

больше 7 лет назад

Security update for samba

4.3 Medium

CVSS3