Launchpad CVE tracker

CVE 2015-5370

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.

Related bugs and status

CVE-2015-5370 (Candidate) is related to these bugs:

Bug #1566348: Patch the Badlock bug in the initial release of Ubuntu 16.04

Summary				In	Importance	Status
	1566348	Patch the Badlock bug in the initial release of Ubuntu 16.04		samba (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://www.samba.org/...
UBUNTU: USN-2950-5
CONFIRM: https://h20566.www2.hp...
CONFIRM: http://www.oracle.com/...
CONFIRM: https://www.samba.org/...
REDHAT: RHSA-2016:0611
REDHAT: RHSA-2016:0613
REDHAT: RHSA-2016:0614
REDHAT: RHSA-2016:0618
REDHAT: RHSA-2016:0619
REDHAT: RHSA-2016:0620
REDHAT: RHSA-2016:0624
REDHAT: RHSA-2016:0612
UBUNTU: USN-2950-3
UBUNTU: USN-2950-4
MISC: http://badlock.org/
CONFIRM: https://bto.bluecoat.c...
CONFIRM: https://www.samba.org/...
DEBIAN: DSA-3548
FEDORA: FEDORA-2016-383fce04e2
FEDORA: FEDORA-2016-48b3761baa
FEDORA: FEDORA-2016-be53260726
SUSE: SUSE-SU-2016:1022
SUSE: SUSE-SU-2016:1023
SUSE: SUSE-SU-2016:1024
SUSE: SUSE-SU-2016:1028
SUSE: openSUSE-SU-2016:1025
SUSE: openSUSE-SU-2016:1064
SUSE: openSUSE-SU-2016:1106
SUSE: openSUSE-SU-2016:1107
UBUNTU: USN-2950-1
UBUNTU: USN-2950-2
SECTRACK: 1035533
SLACKWARE: SSA:2016-106-02

Launchpad.net

CVE 2015-5370

Related bugs and status

Related bugs

References