3.5

CVE-2014-0178

Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version >= 3.6.6 < 3.6.25
SambaSamba Version >= 4.0.0 < 4.0.18
SambaSamba Version >= 4.1.0 < 4.1.8
SambaSamba Version4.1.0
SambaSamba Version4.1.1
SambaSamba Version4.1.2
SambaSamba Version4.1.3
SambaSamba Version4.1.4
SambaSamba Version4.1.5
SambaSamba Version4.1.6
SambaSamba Version4.1.7
SambaSamba Version3.6.6
SambaSamba Version3.6.7
SambaSamba Version3.6.8
SambaSamba Version3.6.9
SambaSamba Version3.6.10
SambaSamba Version3.6.11
SambaSamba Version3.6.12
SambaSamba Version3.6.13
SambaSamba Version3.6.14
SambaSamba Version3.6.15
SambaSamba Version3.6.16
SambaSamba Version3.6.17
SambaSamba Version3.6.18
SambaSamba Version3.6.19
SambaSamba Version3.6.20
SambaSamba Version3.6.21
SambaSamba Version3.6.22
SambaSamba Version3.6.23
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.47% 0.902
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:P/I:N/A:N
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
Third Party Advisory
Mailing List
http://security.gentoo.org/glsa/glsa-201502-15.xml
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html
Third Party Advisory
Mailing List
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
Broken Link
http://advisories.mageia.org/MGASA-2014-0279.html
Third Party Advisory
http://secunia.com/advisories/59378
Third Party Advisory
http://secunia.com/advisories/59407
Third Party Advisory
http://secunia.com/advisories/59579
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2014:136
Third Party Advisory
http://www.samba.org/samba/security/CVE-2014-0178
Vendor Advisory
http://www.securityfocus.com/archive/1/532757/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/67686
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030308
Third Party Advisory
VDB Entry