Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
References
Link | Resource |
---|---|
https://www.samba.org/samba/security/CVE-2017-15275.html | Vendor Advisory |
https://www.debian.org/security/2017/dsa-4043 | Third Party Advisory |
http://www.ubuntu.com/usn/USN-3486-2 | Third Party Advisory |
http://www.ubuntu.com/usn/USN-3486-1 | Third Party Advisory |
http://www.securityfocus.com/bid/101908 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039855 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:3278 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:3261 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:3260 | Third Party Advisory |
https://www.synology.com/support/security/Synology_SA_17_72_Samba | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2017/11/msg00029.html | Mailing List Third Party Advisory |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us | Third Party Advisory |
https://security.gentoo.org/glsa/201805-07 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2017-11-27 14:29
Updated : 2022-08-29 13:43
NVD link : CVE-2017-15275
Mitre link : CVE-2017-15275
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_workstation
- enterprise_linux_server
canonical
- ubuntu_linux
samba
- samba
debian
- debian_linux