vulnerability

Samba CVE-2015-5370: Multiple errors in DCE-RPC code.

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Apr 12, 2016
Added
Apr 12, 2016
Modified
Mar 27, 2026

Description

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.

Solutions

samba-upgrade-4_2_11samba-upgrade-4_3_8samba-upgrade-4_4_2
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.