7.5

CVE-2008-1105

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version >= 3.0.0 <= 3.0.29
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version7.04
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEdition-
DebianDebian Linux Version4.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 69.09% 0.993
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/30802
Third Party Advisory
http://support.apple.com/kb/HT2163
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1981/references
Permissions Required
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/31246
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2222/references
Permissions Required
http://secunia.com/advisories/30736
Third Party Advisory
http://secunia.com/advisories/30835
Third Party Advisory
http://www.ubuntu.com/usn/usn-617-1
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1908
Permissions Required
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/30228
Third Party Advisory
http://secunia.com/advisories/30385
Third Party Advisory
http://secunia.com/advisories/30396
Third Party Advisory
http://secunia.com/advisories/30442
Third Party Advisory
http://secunia.com/advisories/30449
Third Party Advisory
http://secunia.com/advisories/30478
Third Party Advisory
http://secunia.com/advisories/30489
Third Party Advisory
http://secunia.com/advisories/30543
Third Party Advisory
http://secunia.com/advisories/31911
Third Party Advisory
http://secunia.com/advisories/33696
Third Party Advisory
http://secunia.com/secunia_research/2008-20/advisory/
Third Party Advisory
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200805-23.xml
Third Party Advisory
http://securitytracker.com/id?1020123
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951
Third Party Advisory
Mailing List
http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1
Broken Link
http://wiki.rpath.com/Advisories:rPSA-2008-0180
Broken Link
http://www.debian.org/security/2008/dsa-1590
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:108
Broken Link
http://www.redhat.com/support/errata/RHSA-2008-0288.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0289.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0290.html
Third Party Advisory
http://www.samba.org/samba/security/CVE-2008-1105.html
Vendor Advisory
http://www.securityfocus.com/archive/1/492683/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/492737/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/492903/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/29404
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/31255
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-617-2
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1681
Permissions Required
http://www.vupen.com/english/advisories/2008/2639
Permissions Required
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/42664
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/45251
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733
Third Party Advisory
https://www.exploit-db.com/exploits/5712
Third Party Advisory
VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html
Third Party Advisory