vulnerability
CentOS: (CVE-2015-5370) (Multiple Advisories): samba3x
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Apr 13, 2016 | Jul 6, 2016 | May 7, 2019 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Apr 13, 2016
Added
Jul 6, 2016
Modified
May 7, 2019
Description
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.
Solutions
centos-upgrade-ctdbcentos-upgrade-ctdb-develcentos-upgrade-ctdb-testscentos-upgrade-libsmbclientcentos-upgrade-libsmbclient-develcentos-upgrade-libwbclientcentos-upgrade-libwbclient-develcentos-upgrade-sambacentos-upgrade-samba-clientcentos-upgrade-samba-client-libscentos-upgrade-samba-commoncentos-upgrade-samba-common-libscentos-upgrade-samba-common-toolscentos-upgrade-samba-dccentos-upgrade-samba-dc-libscentos-upgrade-samba-develcentos-upgrade-samba-doccentos-upgrade-samba-domainjoin-guicentos-upgrade-samba-glusterfscentos-upgrade-samba-libscentos-upgrade-samba-pidlcentos-upgrade-samba-pythoncentos-upgrade-samba-swatcentos-upgrade-samba-testcentos-upgrade-samba-test-develcentos-upgrade-samba-test-libscentos-upgrade-samba-vfs-glusterfscentos-upgrade-samba-winbindcentos-upgrade-samba-winbind-clientscentos-upgrade-samba-winbind-develcentos-upgrade-samba-winbind-krb5-locatorcentos-upgrade-samba-winbind-modulescentos-upgrade-samba3xcentos-upgrade-samba3x-clientcentos-upgrade-samba3x-commoncentos-upgrade-samba3x-doccentos-upgrade-samba3x-domainjoin-guicentos-upgrade-samba3x-swatcentos-upgrade-samba3x-winbindcentos-upgrade-samba3x-winbind-devel
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.