CVE-2015-5370

MEDIUM5.9EPSS 21.1%

samba - security update

發布日:2016/4/25修改日:2026/4/28

描述

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.

受影響套件(2)

Debian/sambafrom 0, < 2:4.3.7+dfsg-1
Debian/sambafrom 0, < 2:3.6.6-6+deb7u9

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-5370