Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4314

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2008-4314
Last Modified 07 Mar 2011 10:12:15
Published 01 Dec 2008 10:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4314

Summary

smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.

Vulnerable Systems

Application

  • Samba 3.0.29

  • Samba 3.0.30

  • Samba 3.0.31

  • Samba 3.0.32

  • Samba 3.0.33

  • Samba 3.2.0

  • Samba 3.2.1

  • Samba 3.2.2

  • Samba 3.2.3

  • Samba 3.2.4


References

VUPEN - ADV-2009-2245

VUPEN - ADV-2009-0067

VUPEN - ADV-2008-3277

UBUNTU - USN-680-1

SECTRACK - 1021287

BID - 32494

FEDORA - FEDORA-2008-10638

FEDORA - FEDORA-2008-10518

CONFIRM - http://us1.samba.org/samba/security/CVE-2008-4314.html

CONFIRM - http://us1.samba.org/samba/ftp/patches/security/samba-3.0.32-CVE-2008-4314.patch

SUNALERT - 249087

SLACKWARE - SSA:2008-333-01

SECUNIA - 36281

SECUNIA - 32968

SECUNIA - 32951

SECUNIA - 32919

SECUNIA - 32813

OSVDB - 50230

HP - SSRT080172

SUSE - SUSE-SR:2008:027

HP - HPSBTU02454

Related Patches

Novell SUSE 2008:5819 cifs-mount security update for SLE 10 i586


Last Updated: 27 May 2016 10:49:56