Vulnerability Details : CVE-2014-3493
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2014-3493
- cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.20:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.19:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.22:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.23:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3493
2.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3493
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.7
|
LOW | AV:A/AC:L/Au:S/C:N/I:N/A:P |
5.1
|
2.9
|
NIST |
CWE ids for CVE-2014-3493
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3493
-
http://www.securityfocus.com/archive/1/532757/100/0/threaded
SecurityFocus
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
503 Backend fetch failed
-
http://rhn.redhat.com/errata/RHSA-2014-0866.html
RHSA-2014:0866 - Security Advisory - Red Hat Customer Portal
-
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1
Multiple vulnerabilities in Samba | Oracle Third Party Vulnerability Resolution Blog
-
https://bugzilla.redhat.com/show_bug.cgi?id=1108748
1108748 – (CVE-2014-3493) CVE-2014-3493 samba: smbd unicode path names denial of service
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, Unauthoriz
-
http://www.securityfocus.com/bid/68150
Samba CVE-2014-3493 Memory Corruption Vulnerability
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
mandriva.com
-
http://secunia.com/advisories/61218
Sign in
-
http://security.gentoo.org/glsa/glsa-201502-15.xml
Samba: Multiple vulnerabilities (GLSA 201502-15) — Gentoo security
-
http://secunia.com/advisories/59407
Sign in
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html
[SECURITY] Fedora 20 Update: samba-4.1.9-3.fc20
-
http://secunia.com/advisories/59433
Sign in
-
http://linux.oracle.com/errata/ELSA-2014-0866.html
linux.oracle.com | ELSA-2014-0866
-
http://www.securitytracker.com/id/1030455
Samba smbd and nmbd Processing Flaws Let Remote Users Deny Service - SecurityTracker
-
http://www.samba.org/samba/security/CVE-2014-3493
Samba - Security Announcement ArchiveVendor Advisory
-
http://advisories.mageia.org/MGASA-2014-0279.html
Mageia Advisory: MGASA-2014-0279 - Updated samba packages fix multiple vulnerabilities
-
http://www.mandriva.com/security/advisories?name=MDVSA-2014:136
mandriva.com
Jump to