Vulnerability Description
All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution vulnerability in the smbd file server daemon.
Exposure & Impact
A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges. CVE-2015-0240 CVSS – 7.9
Remediation & Mitigation
VERT suggests that users install patches that are being released by the various distributions today.
Detection
The February 25th ASPL package will include coverage for CVE-2015-0240 on RHEL, CentOS, Ubuntu, Debian, and OEL.
References
https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/ https://www.samba.org/samba/security/CVE-2015-0240 https://access.redhat.com/security/cve/CVE-2015-0240
