7.5

CVE-2015-7540

EPSS 11.85%
Published 29.12.2015 22:59:05
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

Affected products Warnungen 0 Metrics 3 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Samba ≫ Samba Version >= 4.0.0 < 4.1.22

Canonical ≫ Ubuntu Linux Version12.04 SwEdition-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version15.04

Canonical ≫ Ubuntu Linux Version15.10

Debian ≫ Debian Linux Version7.0

Debian ≫ Debian Linux Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	11.85%	0.935

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html

Third Party Advisory

Mailing List

http://www.debian.org/security/2016/dsa-3433

Third Party Advisory

http://www.ubuntu.com/usn/USN-2855-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2855-2

Third Party Advisory

https://security.gentoo.org/glsa/201612-47

Third Party Advisory

http://www.securityfocus.com/bid/79736

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1034492

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1288451

Third Party Advisory

Issue Tracking

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=530d50a1abdcdf4d1775652d4c456c1274d83d8d

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9d989c9dd7a5b92d0c5d65287935471b83b6e884

https://www.samba.org/samba/security/CVE-2015-7540.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-7540

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-7540

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-7540

EUVD