Описание
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:4.7.6+dfsg~ubuntu-0ubuntu2.2 |
| devel | released | 2:4.8.4+dfsg-2ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.16 |
| esm-infra/bionic | not-affected | 2:4.7.6+dfsg~ubuntu-0ubuntu2.2 |
| esm-infra/xenial | not-affected | 2:4.3.11+dfsg-0ubuntu0.16.04.15 |
| precise/esm | not-affected | |
| trusty | released | 2:4.3.11+dfsg-0ubuntu0.14.04.16 |
| trusty/esm | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.16 |
| upstream | released | 4.6.16,4.7.9,4.8.4 |
| xenial | released | 2:4.3.11+dfsg-0ubuntu0.16.04.15 |
Показывать по
EPSS
6.5 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
A heap-buffer overflow was found in the way samba clients processed ex ...
EPSS
6.5 Medium
CVSS2
4.3 Medium
CVSS3