CVE-2015-0240 Samba 3.5.x and 3.6.x before 3.6.25,4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 vulnerability (4037595)

Chat now with support

Return

Title

CVE-2015-0240 Samba 3.5.x and 3.6.x before 3.6.25,4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 vulnerability
Description

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable. The Samba project (https://www.samba.org/samba/history/) versions 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 to address the issue and also made code patches ( https://www.samba.org/samba/history/security.html) available.

Sign In Required

You need to be signed in and under a current maintenance contract to view premium knowledge articles.