[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-4314Date: (C)2008-12-01   (M)2023-12-22


smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.5
Exploit Score: 10.0
Impact Score: 7.8
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1021287
SUNALERT-249087
BID-32494
SECUNIA-32813
SECUNIA-32919
SECUNIA-32951
SECUNIA-32968
SECUNIA-36281
OSVDB-50230
ADV-2008-3277
ADV-2009-0067
ADV-2009-2245
FEDORA-2008-10518
FEDORA-2008-10638
SSA:2008-333-01
SSRT080172
SUSE-SR:2008:027
USN-680-1
http://us1.samba.org/samba/ftp/patches/security/samba-3.0.32-CVE-2008-4314.patch
http://us1.samba.org/samba/security/CVE-2008-4314.html

CPE    10
cpe:/a:samba:samba:3.2.3
cpe:/a:samba:samba:3.2.4
cpe:/a:samba:samba:3.2.1
cpe:/a:samba:samba:3.2.2
...
CWE    1
CWE-200
OVAL    3
oval:org.secpod.oval:def:101349
oval:org.secpod.oval:def:101805
oval:org.secpod.oval:def:102120

© SecPod Technologies