7.5
CVE-2008-1105
- EPSS 69.09%
- Veröffentlicht 29.05.2008 16:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:00
- Quelle PSIRT-CNA@flexerasoftware.com
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version7.04
Canonical ≫ Ubuntu Linux Version7.10
Canonical ≫ Ubuntu Linux Version8.04 SwEdition-
Debian ≫ Debian Linux Version4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 69.09% | 0.993 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://secunia.com/advisories/30802
http://support.apple.com/kb/HT2163
http://www.vupen.com/english/advisories/2008/1981/references
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
http://secunia.com/advisories/31246
http://www.vupen.com/english/advisories/2008/2222/references
http://secunia.com/advisories/30736
http://secunia.com/advisories/30835
http://www.ubuntu.com/usn/usn-617-1
http://www.vupen.com/english/advisories/2008/1908
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html
http://secunia.com/advisories/30228
http://secunia.com/advisories/30385
http://secunia.com/advisories/30396
http://secunia.com/advisories/30442
http://secunia.com/advisories/30449
http://secunia.com/advisories/30478
http://secunia.com/advisories/30489
http://secunia.com/advisories/30543
http://secunia.com/advisories/31911
http://secunia.com/advisories/33696
http://secunia.com/secunia_research/2008-20/advisory/
http://security.gentoo.org/glsa/glsa-200805-23.xml
http://securitytracker.com/id?1020123
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951
http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1
http://wiki.rpath.com/Advisories:rPSA-2008-0180
http://www.debian.org/security/2008/dsa-1590
http://www.mandriva.com/security/advisories?name=MDVSA-2008:108
http://www.redhat.com/support/errata/RHSA-2008-0288.html
http://www.redhat.com/support/errata/RHSA-2008-0289.html
http://www.redhat.com/support/errata/RHSA-2008-0290.html
http://www.samba.org/samba/security/CVE-2008-1105.html
http://www.securityfocus.com/archive/1/492683/100/0/threaded
http://www.securityfocus.com/archive/1/492737/100/0/threaded
http://www.securityfocus.com/archive/1/492903/100/0/threaded
http://www.securityfocus.com/bid/29404
http://www.securityfocus.com/bid/31255
http://www.ubuntu.com/usn/usn-617-2
http://www.vupen.com/english/advisories/2008/1681
http://www.vupen.com/english/advisories/2008/2639
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42664
https://exchange.xforce.ibmcloud.com/vulnerabilities/45251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733
https://www.exploit-db.com/exploits/5712
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html