Home

CVE-2015-5330

Description

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.625

Associated Vulnerability

VulnerabilityOS Platform
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_3.6.3-2ubuntu2.13_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_3.6.3-2ubuntu2.13_amd64.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.13+dfsg-4ubuntu3.1_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.13+dfsg-4ubuntu3.1_amd64.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.17+dfsg-4ubuntu2_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.17+dfsg-4ubuntu3_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.17+dfsg-4ubuntu2_amd64.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.17+dfsg-4ubuntu3_amd64.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.6+dfsg-1ubuntu2.14.04.11_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-2855-1) samba_4.1.6+dfsg-1ubuntu2.14.04.11_amd64.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.4-1ubuntu0.1_i386.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.4-1ubuntu0.1_amd64.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.18-1ubuntu0.1_i386.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.18-1ubuntu0.1_amd64.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.20-2_i386.debLinux
LDAP-like embedded database (USN-2856-1) libldb1_1.1.20-2_amd64.debLinux
samba regression update(DSA-3548-3) samba_4.2.10+dfsg-0+deb8u3_i386.debLinux
samba regression update(DSA-3548-3) samba_4.2.10+dfsg-0+deb8u3_amd64.debLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Server 11-SP3 ) ldapsmb-1.34b-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libldb1-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libldb1-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libsmbclient0-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libsmbclient0-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtalloc2-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtalloc2-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtdb1-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtdb1-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtevent0-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libtevent0-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libwbclient0-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) libwbclient0-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-client-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-client-32bit-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-doc-3.6.3-64.1.noarch.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-krb-printing-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-winbind-3.6.3-64.1.x86_64.rpmLinux
SUSE-SU-2016:0164-1(SUSE Linux Enterprise Desktop 11-SP3 ) samba-winbind-32bit-3.6.3-64.1.x86_64.rpmLinux
Libsmbclient update (ELSA-2018-1860) libsmbclient-3.6.23-51.0.1.el6.x86_64.rpmLinux
Libsmbclient-devel update (ELSA-2018-1860) libsmbclient-devel-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba update (ELSA-2018-1860) samba-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-client update (ELSA-2018-1860) samba-client-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-common update (ELSA-2018-1860) samba-common-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-doc update (ELSA-2018-1860) samba-doc-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-domainjoin-gui update (ELSA-2018-1860) samba-domainjoin-gui-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-glusterfs update (ELSA-2018-1860) samba-glusterfs-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-swat update (ELSA-2018-1860) samba-swat-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-winbind update (ELSA-2018-1860) samba-winbind-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-winbind-clients update (ELSA-2018-1860) samba-winbind-clients-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-winbind-devel update (ELSA-2018-1860) samba-winbind-devel-3.6.23-51.0.1.el6.x86_64.rpmLinux
Samba-winbind-krb5-locator update (ELSA-2018-1860) samba-winbind-krb5-locator-3.6.23-51.0.1.el6.x86_64.rpmLinux
Libsmbclient update (ELSA-2018-1860) libsmbclient-3.6.23-51.0.1.el6.i686.rpmLinux
Libsmbclient-devel update (ELSA-2018-1860) libsmbclient-devel-3.6.23-51.0.1.el6.i686.rpmLinux
Samba update (ELSA-2018-1860) samba-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-client update (ELSA-2018-1860) samba-client-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-common update (ELSA-2018-1860) samba-common-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-doc update (ELSA-2018-1860) samba-doc-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-domainjoin-gui update (ELSA-2018-1860) samba-domainjoin-gui-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-swat update (ELSA-2018-1860) samba-swat-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-winbind update (ELSA-2018-1860) samba-winbind-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-winbind-clients update (ELSA-2018-1860) samba-winbind-clients-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-winbind-devel update (ELSA-2018-1860) samba-winbind-devel-3.6.23-51.0.1.el6.i686.rpmLinux
Samba-winbind-krb5-locator update (ELSA-2018-1860) samba-winbind-krb5-locator-3.6.23-51.0.1.el6.i686.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234