Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Initialization The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 3.5 | AV:N/AC:M/Au:S/C:P/I:N/A:N | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Products Mentioned
Configuraton 0
Samba>>Samba >> Version From (including) 3.6.6 To (excluding) 3.6.25
- Samba>>Samba >> Version 3.6.6 (Open CPE detail)
- Samba>>Samba >> Version 3.6.7 (Open CPE detail)
- Samba>>Samba >> Version 3.6.8 (Open CPE detail)
- Samba>>Samba >> Version 3.6.9 (Open CPE detail)
- Samba>>Samba >> Version 3.6.10 (Open CPE detail)
- Samba>>Samba >> Version 3.6.11 (Open CPE detail)
- Samba>>Samba >> Version 3.6.12 (Open CPE detail)
- Samba>>Samba >> Version 3.6.13 (Open CPE detail)
- Samba>>Samba >> Version 3.6.14 (Open CPE detail)
- Samba>>Samba >> Version 3.6.15 (Open CPE detail)
- Samba>>Samba >> Version 3.6.16 (Open CPE detail)
- Samba>>Samba >> Version 3.6.17 (Open CPE detail)
- Samba>>Samba >> Version 3.6.18 (Open CPE detail)
- Samba>>Samba >> Version 3.6.19 (Open CPE detail)
- Samba>>Samba >> Version 3.6.20 (Open CPE detail)
- Samba>>Samba >> Version 3.6.21 (Open CPE detail)
- Samba>>Samba >> Version 3.6.22 (Open CPE detail)
- Samba>>Samba >> Version 3.6.23 (Open CPE detail)
- Samba>>Samba >> Version 3.6.24 (Open CPE detail)
Samba>>Samba >> Version From (including) 4.0.0 To (excluding) 4.0.18
- Samba>>Samba >> Version 4.0.0 (Open CPE detail)
- Samba>>Samba >> Version 4.0.1 (Open CPE detail)
- Samba>>Samba >> Version 4.0.2 (Open CPE detail)
- Samba>>Samba >> Version 4.0.3 (Open CPE detail)
- Samba>>Samba >> Version 4.0.4 (Open CPE detail)
- Samba>>Samba >> Version 4.0.5 (Open CPE detail)
- Samba>>Samba >> Version 4.0.6 (Open CPE detail)
- Samba>>Samba >> Version 4.0.7 (Open CPE detail)
- Samba>>Samba >> Version 4.0.8 (Open CPE detail)
- Samba>>Samba >> Version 4.0.9 (Open CPE detail)
- Samba>>Samba >> Version 4.0.10 (Open CPE detail)
- Samba>>Samba >> Version 4.0.11 (Open CPE detail)
- Samba>>Samba >> Version 4.0.12 (Open CPE detail)
- Samba>>Samba >> Version 4.0.13 (Open CPE detail)
- Samba>>Samba >> Version 4.0.14 (Open CPE detail)
- Samba>>Samba >> Version 4.0.15 (Open CPE detail)
- Samba>>Samba >> Version 4.0.16 (Open CPE detail)
- Samba>>Samba >> Version 4.0.17 (Open CPE detail)
Samba>>Samba >> Version From (including) 4.1.0 To (excluding) 4.1.8
- Samba>>Samba >> Version 4.1.0 (Open CPE detail)
- Samba>>Samba >> Version 4.1.1 (Open CPE detail)
- Samba>>Samba >> Version 4.1.2 (Open CPE detail)
- Samba>>Samba >> Version 4.1.3 (Open CPE detail)
- Samba>>Samba >> Version 4.1.4 (Open CPE detail)
- Samba>>Samba >> Version 4.1.5 (Open CPE detail)
- Samba>>Samba >> Version 4.1.6 (Open CPE detail)
- Samba>>Samba >> Version 4.1.7 (Open CPE detail)
Configuraton 0
Samba>>Samba >> Version 4.1.0
- Samba>>Samba >> Version 4.1.0 (Open CPE detail)
Samba>>Samba >> Version 4.1.1
- Samba>>Samba >> Version 4.1.1 (Open CPE detail)
Samba>>Samba >> Version 4.1.2
- Samba>>Samba >> Version 4.1.2 (Open CPE detail)
Samba>>Samba >> Version 4.1.3
- Samba>>Samba >> Version 4.1.3 (Open CPE detail)
Samba>>Samba >> Version 4.1.4
- Samba>>Samba >> Version 4.1.4 (Open CPE detail)
Samba>>Samba >> Version 4.1.5
- Samba>>Samba >> Version 4.1.5 (Open CPE detail)
Samba>>Samba >> Version 4.1.6
- Samba>>Samba >> Version 4.1.6 (Open CPE detail)
Samba>>Samba >> Version 4.1.7
- Samba>>Samba >> Version 4.1.7 (Open CPE detail)
Configuraton 0
Samba>>Samba >> Version 3.6.6
- Samba>>Samba >> Version 3.6.6 (Open CPE detail)
Samba>>Samba >> Version 3.6.7
- Samba>>Samba >> Version 3.6.7 (Open CPE detail)
Samba>>Samba >> Version 3.6.8
- Samba>>Samba >> Version 3.6.8 (Open CPE detail)
Samba>>Samba >> Version 3.6.9
- Samba>>Samba >> Version 3.6.9 (Open CPE detail)
Samba>>Samba >> Version 3.6.10
- Samba>>Samba >> Version 3.6.10 (Open CPE detail)
Samba>>Samba >> Version 3.6.11
- Samba>>Samba >> Version 3.6.11 (Open CPE detail)
Samba>>Samba >> Version 3.6.12
- Samba>>Samba >> Version 3.6.12 (Open CPE detail)
Samba>>Samba >> Version 3.6.13
- Samba>>Samba >> Version 3.6.13 (Open CPE detail)
Samba>>Samba >> Version 3.6.14
- Samba>>Samba >> Version 3.6.14 (Open CPE detail)
Samba>>Samba >> Version 3.6.15
- Samba>>Samba >> Version 3.6.15 (Open CPE detail)
Samba>>Samba >> Version 3.6.16
- Samba>>Samba >> Version 3.6.16 (Open CPE detail)
Samba>>Samba >> Version 3.6.17
- Samba>>Samba >> Version 3.6.17 (Open CPE detail)
Samba>>Samba >> Version 3.6.18
- Samba>>Samba >> Version 3.6.18 (Open CPE detail)
Samba>>Samba >> Version 3.6.19
- Samba>>Samba >> Version 3.6.19 (Open CPE detail)
Samba>>Samba >> Version 3.6.20
- Samba>>Samba >> Version 3.6.20 (Open CPE detail)
Samba>>Samba >> Version 3.6.21
- Samba>>Samba >> Version 3.6.21 (Open CPE detail)
Samba>>Samba >> Version 3.6.22
- Samba>>Samba >> Version 3.6.22 (Open CPE detail)
Samba>>Samba >> Version 3.6.23
- Samba>>Samba >> Version 3.6.23 (Open CPE detail)
References
http://www.mandriva.com/security/advisories?name=MDVSA-2014:136
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/532757/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
2025©
tesweb SA
