Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

  • Published: Feb 24, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-0240
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
redhat / enterprise_linux 7.0 7.0.x
redhat / enterprise_linux 6.0 6.0.x
redhat / enterprise_linux 5 5.x
samba / samba 4.1.9 4.1.9.x
samba / samba 3.6.24 3.6.24.x
samba / samba 4.0.14 4.0.14.x
samba / samba 3.6.17 3.6.17.x
samba / samba 4.0.24 4.0.24.x
samba / samba 3.5.1 3.5.1.x
samba / samba 4.1.16 4.1.16.x
samba / samba 4.1.12 4.1.12.x
samba / samba 4.0.2 4.0.2.x
samba / samba 4.2.0-rc3 4.2.0-rc3.x
samba / samba 3.5.9 3.5.9.x
samba / samba 4.1.14 4.1.14.x
samba / samba 3.6.10 3.6.10.x
samba / samba 3.5.7 3.5.7.x
samba / samba 4.0.22 4.0.22.x
samba / samba 4.0.11 4.0.11.x
samba / samba 4.1.7 4.1.7.x
samba / samba 4.0.3 4.0.3.x
samba / samba 3.5.11 3.5.11.x
samba / samba 4.0.21 4.0.21.x
samba / samba 4.0.16 4.0.16.x
samba / samba 4.1.8 4.1.8.x
samba / samba 3.6.23 3.6.23.x
samba / samba 4.0.13 4.0.13.x
samba / samba 4.1.5 4.1.5.x
samba / samba 4.1.6 4.1.6.x
samba / samba 4.2.0-rc2 4.2.0-rc2.x
samba / samba 4.0.17 4.0.17.x
samba / samba 3.5.6 3.5.6.x
samba / samba 4.0.6 4.0.6.x
samba / samba 4.0.19 4.0.19.x
samba / samba 3.6.11 3.6.11.x
samba / samba 3.6.19 3.6.19.x
samba / samba 3.6.16 3.6.16.x
samba / samba 4.2.0-rc4 4.2.0-rc4.x
samba / samba 3.5.19 3.5.19.x
samba / samba 4.1.11 4.1.11.x
samba / samba 3.5.8 3.5.8.x
samba / samba 3.6.1 3.6.1.x
samba / samba 3.6.2 3.6.2.x
samba / samba 3.5.17 3.5.17.x
samba / samba 3.5.2 3.5.2.x
samba / samba 4.0.10 4.0.10.x
samba / samba 3.6.12 3.6.12.x
samba / samba 4.1.4 4.1.4.x
samba / samba 4.0.7 4.0.7.x
samba / samba 4.1.0 4.1.0.x
samba / samba 4.0.1 4.0.1.x
samba / samba 3.5.14 3.5.14.x
samba / samba 4.0.8 4.0.8.x
samba / samba 3.5.21 3.5.21.x
samba / samba 3.6.13 3.6.13.x
samba / samba 3.5.10 3.5.10.x
samba / samba 4.1.10 4.1.10.x
samba / samba 3.6.22 3.6.22.x
samba / samba 3.5.5 3.5.5.x
samba / samba 4.1.15 4.1.15.x
samba / samba 3.5.0 3.5.0.x
samba / samba 4.2.0-rc1 4.2.0-rc1.x
samba / samba 3.5.12 3.5.12.x
samba / samba 4.0.0 4.0.0.x
samba / samba 3.5.22 3.5.22.x
samba / samba 3.6.15 3.6.15.x
samba / samba 4.0.5 4.0.5.x
samba / samba 4.1.2 4.1.2.x
samba / samba 4.1.3 4.1.3.x
samba / samba 4.0.18 4.0.18.x
samba / samba 3.5.4 3.5.4.x
samba / samba 3.5.18 3.5.18.x
samba / samba 3.5.20 3.5.20.x
samba / samba 4.1.1 4.1.1.x
samba / samba 3.6.20 3.6.20.x
samba / samba 4.0.23 4.0.23.x
samba / samba 3.6.18 3.6.18.x
samba / samba 3.6.21 3.6.21.x
samba / samba 3.5.15 3.5.15.x
samba / samba 4.1.13 4.1.13.x
samba / samba 3.5.13 3.5.13.x
samba / samba 4.0.12 4.0.12.x
samba / samba 4.0.4 4.0.4.x
samba / samba 4.0.15 4.0.15.x
samba / samba 4.0.20 4.0.20.x
samba / samba 3.6.14 3.6.14.x
samba / samba 4.0.9 4.0.9.x
samba / samba 3.5.16 3.5.16.x
samba / samba 3.6.0 3.6.0.x
samba / samba 3.5.3 3.5.3.x
novell / suse_linux_enterprise_server 12 12.x
novell / suse_linux_enterprise_desktop 12 12.x
novell / suse_linux_enterprise_software_development_kit 12 12.x
canonical / ubuntu_linux 12.04 12.04.x
canonical / ubuntu_linux 14.10 14.10.x
canonical / ubuntu_linux 14.04 14.04.x