Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Samba vulnerability - Remote Code Execution - (CVE-2015-0240) - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Samba vulnerability - Remote Code Execution - (CVE-2015-0240)

The Red Hat security team has released an advisory on a Samba vulnerability effecting Samba version 3.5.0 through 4.2.0rc4. "It can be exploited by a malicious Samba client, by sending specially-crafted packets to the Samba server. No authentication is required to exploit this flaw. It can result in remotely controlled execution of arbitrary code as root." [1]

A patch [2] has been released by the Samba team to address the vulnerability.



Chris Mohan --- Internet Storm Center Handler on Duty


105 Posts
ISC Handler
Feb 26th 2015

Sign Up for Free or Log In to start participating in the conversation!