Main Vulnerability Database Exploits ID:3683 - Exploit for Input validation error in Samba - CVE-2015-0240

ID:3683 - Exploit for Input validation error in Samba - CVE-2015-0240

Published: August 4, 2020

Vulnerability identifier: #VU33830

Vulnerability risk: High

CVE-ID: CVE-2015-0240

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Samba

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/scanner/smb/smb_uninit_cred

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

Remediation

Install update from vendor's website.

ID:3683 - Exploit for Input validation error in Samba - CVE-2015-0240

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human