{"id":"USN-2855-1","summary":"samba vulnerabilities","details":"Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled\ncertain packets. A remote attacker could use this issue to cause the LDAP\nserver to stop responding, resulting in a denial of service. This issue\nonly affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10.\n(CVE-2015-3223)\n\nJan Kasprzak discovered that Samba incorrectly handled certain symlinks. A\nremote attacker could use this issue to access files outside the exported\nshare path. (CVE-2015-5252)\n\nStefan Metzmacher discovered that Samba did not enforce signing when\ncreating encrypted connections. If a remote attacker were able to perform a\nmachine-in-the-middle attack, this flaw could be exploited to view sensitive\ninformation. (CVE-2015-5296)\n\nIt was discovered that Samba incorrectly performed access control when\nusing the VFS shadow_copy2 module. A remote attacker could use this issue\nto access snapshots, contrary to intended permissions. (CVE-2015-5299)\n\nDouglas Bagnall discovered that Samba incorrectly handled certain string\nlengths. A remote attacker could use this issue to possibly access\nsensitive information. (CVE-2015-5330)\n\nIt was discovered that the Samba LDAP server incorrectly handled certain\npackets. A remote attacker could use this issue to cause the LDAP server to\nstop responding, resulting in a denial of service. This issue only affected\nUbuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-7540)\n\nAndrew Bartlett discovered that Samba incorrectly checked administrative\nprivileges during creation of machine accounts. A remote attacker could\npossibly use this issue to bypass intended access restrictions in certain\nenvironments. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and\nUbuntu 15.10. (CVE-2015-8467)\n","modified":"2026-02-10T04:40:56Z","published":"2016-01-05T18:39:22Z","related":["UBUNTU-CVE-2015-3223","UBUNTU-CVE-2015-5252","UBUNTU-CVE-2015-5296","UBUNTU-CVE-2015-5299","UBUNTU-CVE-2015-5330","UBUNTU-CVE-2015-7540","UBUNTU-CVE-2015-8467"],"upstream":["CVE-2015-3223","CVE-2015-5252","CVE-2015-5296","CVE-2015-5299","CVE-2015-5330","CVE-2015-7540","CVE-2015-8467","UBUNTU-CVE-2015-3223","UBUNTU-CVE-2015-5252","UBUNTU-CVE-2015-5296","UBUNTU-CVE-2015-5299","UBUNTU-CVE-2015-5330","UBUNTU-CVE-2015-7540","UBUNTU-CVE-2015-8467"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2855-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3223"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5252"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5296"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5299"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5330"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7540"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8467"}],"affected":[{"package":{"name":"samba","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/samba@2:4.1.6+dfsg-1ubuntu2.14.04.11?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:4.1.6+dfsg-1ubuntu2.14.04.11"}]}],"versions":["2:3.6.18-1ubuntu3","2:4.0.10+dfsg-4ubuntu2","2:4.0.13+dfsg-1ubuntu1","2:4.1.3+dfsg-2ubuntu2","2:4.1.3+dfsg-2ubuntu3","2:4.1.3+dfsg-2ubuntu4","2:4.1.3+dfsg-2ubuntu5","2:4.1.6+dfsg-1ubuntu1","2:4.1.6+dfsg-1ubuntu2","2:4.1.6+dfsg-1ubuntu2.14.04.1","2:4.1.6+dfsg-1ubuntu2.14.04.2","2:4.1.6+dfsg-1ubuntu2.14.04.3","2:4.1.6+dfsg-1ubuntu2.14.04.4","2:4.1.6+dfsg-1ubuntu2.14.04.5","2:4.1.6+dfsg-1ubuntu2.14.04.7","2:4.1.6+dfsg-1ubuntu2.14.04.8","2:4.1.6+dfsg-1ubuntu2.14.04.9"],"ecosystem_specific":{"binaries":[{"binary_name":"libnss-winbind","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libpam-smbpass","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libpam-winbind","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libparse-pidl-perl","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libsmbclient","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libsmbclient-dev","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libsmbsharemodes-dev","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libsmbsharemodes0","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libwbclient-dev","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"libwbclient0","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"python-samba","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"registry-tools","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-common","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-common-bin","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-dev","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-dsdb-modules","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-libs","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-testsuite","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"samba-vfs-modules","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"smbclient","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"},{"binary_name":"winbind","binary_version":"2:4.1.6+dfsg-1ubuntu2.14.04.11"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2015-3223","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5252","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5296","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5299","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5330","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-7540","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-8467","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:14.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2855-1.json"}}],"schema_version":"1.7.3"}