Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2830

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-2830
Last Modified 01 Apr 2015 10:54:15
Published 31 Mar 2015 10:59:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2830

Summary

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

Vulnerable Systems

Application

  • Debian Cifs-utils 6.3


References

MLIST - [samba-technical] 20140711 ANNOUNCE: cifs-utils release 6.4 ready for download

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1086224

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=870168

CONFIRM - https://bugs.mageia.org/show_bug.cgi?id=13386

MANDRIVA - MDVSA-2015:114

MLIST - [oss-security] 20140411 Re: pam_cifscreds stack overflow

CONFIRM - http://advisories.mageia.org/MGASA-2014-0242.html


Last Updated: 27 May 2016 11:08:16