Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:81121
[Eng]
Version
5
Class
vulnerability
ALTXid
251955
Language
Russian
Severity
Critical
Title
openSUSE -- уязвимость в samba (CVE-2008-1105)
Description
В продукте samba обнаружена уязвимость CVE-2008-1105.
Family
unix
Platform
openSUSE 10.2
openSUSE 10.3
Product
samba
Reference
FSTEC: BDU:2015-09629
FSTEC: BDU:2015-09629
Id:
BDU:2015-09629
Reference:
https://bdu.fstec.ru/vul/2015-09629
FSTEC: BDU:2015-08384
FSTEC: BDU:2015-08384
Id:
BDU:2015-08384
Reference:
https://bdu.fstec.ru/vul/2015-08384
FSTEC: BDU:2015-08383
FSTEC: BDU:2015-08383
Id:
BDU:2015-08383
Reference:
https://bdu.fstec.ru/vul/2015-08383
FSTEC: BDU:2015-08382
FSTEC: BDU:2015-08382
Id:
BDU:2015-08382
Reference:
https://bdu.fstec.ru/vul/2015-08382
FSTEC: BDU:2015-08381
FSTEC: BDU:2015-08381
Id:
BDU:2015-08381
Reference:
https://bdu.fstec.ru/vul/2015-08381
FSTEC: BDU:2015-08380
FSTEC: BDU:2015-08380
Id:
BDU:2015-08380
Reference:
https://bdu.fstec.ru/vul/2015-08380
FSTEC: BDU:2015-08379
FSTEC: BDU:2015-08379
Id:
BDU:2015-08379
Reference:
https://bdu.fstec.ru/vul/2015-08379
FSTEC: BDU:2015-08378
FSTEC: BDU:2015-08378
Id:
BDU:2015-08378
Reference:
https://bdu.fstec.ru/vul/2015-08378
FSTEC: BDU:2015-08377
FSTEC: BDU:2015-08377
Id:
BDU:2015-08377
Reference:
https://bdu.fstec.ru/vul/2015-08377
FSTEC: BDU:2015-07590
FSTEC: BDU:2015-07590
Id:
BDU:2015-07590
Reference:
https://bdu.fstec.ru/vul/2015-07590
FSTEC: BDU:2015-07589
FSTEC: BDU:2015-07589
Id:
BDU:2015-07589
Reference:
https://bdu.fstec.ru/vul/2015-07589
FSTEC: BDU:2015-07582
FSTEC: BDU:2015-07582
Id:
BDU:2015-07582
Reference:
https://bdu.fstec.ru/vul/2015-07582
FSTEC: BDU:2015-07581
FSTEC: BDU:2015-07581
Id:
BDU:2015-07581
Reference:
https://bdu.fstec.ru/vul/2015-07581
FSTEC: BDU:2015-07577
FSTEC: BDU:2015-07577
Id:
BDU:2015-07577
Reference:
https://bdu.fstec.ru/vul/2015-07577
FSTEC: BDU:2015-07576
FSTEC: BDU:2015-07576
Id:
BDU:2015-07576
Reference:
https://bdu.fstec.ru/vul/2015-07576
FSTEC: BDU:2015-07555
FSTEC: BDU:2015-07555
Id:
BDU:2015-07555
Reference:
https://bdu.fstec.ru/vul/2015-07555
FSTEC: BDU:2015-07554
FSTEC: BDU:2015-07554
Id:
BDU:2015-07554
Reference:
https://bdu.fstec.ru/vul/2015-07554
EXPLOIT-DB: 5712
EXPLOIT-DB: 5712
Id:
5712
Reference:
https://www.exploit-db.com/exploits/5712
FSTEC: BDU:2015-04218
FSTEC: BDU:2015-04218
Id:
BDU:2015-04218
Reference:
http://www.bdu.fstec.ru/vul/2015-04218
FSTEC: BDU:2015-04217
FSTEC: BDU:2015-04217
Id:
BDU:2015-04217
Reference:
http://www.bdu.fstec.ru/vul/2015-04217
FSTEC: BDU:2015-04216
FSTEC: BDU:2015-04216
Id:
BDU:2015-04216
Reference:
http://www.bdu.fstec.ru/vul/2015-04216
FSTEC: BDU:2015-04215
FSTEC: BDU:2015-04215
Id:
BDU:2015-04215
Reference:
http://www.bdu.fstec.ru/vul/2015-04215
FSTEC: BDU:2015-04214
FSTEC: BDU:2015-04214
Id:
BDU:2015-04214
Reference:
http://www.bdu.fstec.ru/vul/2015-04214
FSTEC: BDU:2015-04213
FSTEC: BDU:2015-04213
Id:
BDU:2015-04213
Reference:
http://www.bdu.fstec.ru/vul/2015-04213
FSTEC: BDU:2015-04212
FSTEC: BDU:2015-04212
Id:
BDU:2015-04212
Reference:
http://www.bdu.fstec.ru/vul/2015-04212
FSTEC: BDU:2015-04211
FSTEC: BDU:2015-04211
Id:
BDU:2015-04211
Reference:
http://www.bdu.fstec.ru/vul/2015-04211
FSTEC: BDU:2015-04210
FSTEC: BDU:2015-04210
Id:
BDU:2015-04210
Reference:
http://www.bdu.fstec.ru/vul/2015-04210
FSTEC: BDU:2015-04209
FSTEC: BDU:2015-04209
Id:
BDU:2015-04209
Reference:
http://www.bdu.fstec.ru/vul/2015-04209
FSTEC: BDU:2015-04208
FSTEC: BDU:2015-04208
Id:
BDU:2015-04208
Reference:
http://www.bdu.fstec.ru/vul/2015-04208
FSTEC: BDU:2015-04207
FSTEC: BDU:2015-04207
Id:
BDU:2015-04207
Reference:
http://www.bdu.fstec.ru/vul/2015-04207
FSTEC: BDU:2015-04206
FSTEC: BDU:2015-04206
Id:
BDU:2015-04206
Reference:
http://www.bdu.fstec.ru/vul/2015-04206
FSTEC: BDU:2015-04205
FSTEC: BDU:2015-04205
Id:
BDU:2015-04205
Reference:
http://www.bdu.fstec.ru/vul/2015-04205
FSTEC: BDU:2015-04204
FSTEC: BDU:2015-04204
Id:
BDU:2015-04204
Reference:
http://www.bdu.fstec.ru/vul/2015-04204
FSTEC: BDU:2015-04203
FSTEC: BDU:2015-04203
Id:
BDU:2015-04203
Reference:
http://www.bdu.fstec.ru/vul/2015-04203
FSTEC: BDU:2015-04202
FSTEC: BDU:2015-04202
Id:
BDU:2015-04202
Reference:
http://www.bdu.fstec.ru/vul/2015-04202
FSTEC: BDU:2015-04201
FSTEC: BDU:2015-04201
Id:
BDU:2015-04201
Reference:
http://www.bdu.fstec.ru/vul/2015-04201
FSTEC: BDU:2015-04200
FSTEC: BDU:2015-04200
Id:
BDU:2015-04200
Reference:
http://www.bdu.fstec.ru/vul/2015-04200
FSTEC: BDU:2015-04199
FSTEC: BDU:2015-04199
Id:
BDU:2015-04199
Reference:
http://www.bdu.fstec.ru/vul/2015-04199
CVE: CVE-2008-1105
CVE: CVE-2008-1105
Id:
CVE-2008-1105
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
Comment
: Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE:
119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
References:
http://secunia.com/secunia_research/2008-20/advisory/ (MISC)
http://www.samba.org/samba/security/CVE-2008-1105.html (CONFIRM)
29404 (BID)
1020123 (SECTRACK)
30228 (SECUNIA)
30385 (SECUNIA)
SUSE-SA:2008:026 (SUSE)
30543 (SECUNIA)
30489 (SECUNIA)
30736 (SECUNIA)
http://support.apple.com/kb/HT2163 (CONFIRM)
31246 (SECUNIA)
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix (MLIST)
HPSBUX02341 (HP)
USN-617-2 (UBUNTU)
30835 (SECUNIA)
30802 (SECUNIA)
APPLE-SA-2008-06-30 (APPLE)
USN-617-1 (UBUNTU)
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf (CONFIRM)
31911 (SECUNIA)
31255 (BID)
30396 (SECUNIA)
249086 (SUNALERT)
33696 (SECUNIA)
30478 (SECUNIA)
FEDORA-2008-4679 (FEDORA)
FEDORA-2008-4797 (FEDORA)
30449 (SECUNIA)
DSA-1590 (DEBIAN)
http://wiki.rpath.com/Advisories:rPSA-2008-0180 (CONFIRM)
FEDORA-2008-4724 (FEDORA)
SSA:2008-149-01 (SLACKWARE)
RHSA-2008:0289 (REDHAT)
RHSA-2008:0290 (REDHAT)
MDVSA-2008:108 (MANDRIVA)
RHSA-2008:0288 (REDHAT)
30442 (SECUNIA)
GLSA-200805-23 (GENTOO)
ADV-2008-2222 (VUPEN)
ADV-2008-1981 (VUPEN)
ADV-2008-1908 (VUPEN)
ADV-2008-2639 (VUPEN)
ADV-2008-1681 (VUPEN)
xerox-controller-samba-code-execution(45251) (XF)
samba-receivesmbraw-bo(42664) (XF)
5712 (EXPLOIT-DB)
oval:org.mitre.oval:def:5733 (OVAL)
oval:org.mitre.oval:def:10020 (OVAL)
20080602 rPSA-2008-0180-1 samba samba-client samba-server samba-swat (BUGTRAQ)
20080529 Secunia Research: Samba "receive_smb_raw()" Buffer OverflowVulnerability (BUGTRAQ)
20080528 [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses (BUGTRAQ)
VENDOR: SUSE-SA:2008:026
VENDOR: SUSE-SA:2008:026
Id:
SUSE-SA:2008:026
Reference:
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html
Content available only for registered users!
ovaldb@altx-soft.com