CVE-2008-1105 : Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote at

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.

Published 2008-05-29 16:32:00

Updated 2022-08-29 20:12:03

Source Flexera Software LLC

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Threat overview for CVE-2008-1105

Top countries where our scanners detected CVE-2008-1105

Top open port discovered on systems with this issue 5555

IPs affected by CVE-2008-1105 83

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2008-1105!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2008-1105

Probability of exploitation activity in the next 30 days: 97.02%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-1105

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2008-1105

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-1105

https://exchange.xforce.ibmcloud.com/vulnerabilities/45251

VDB Entry
http://lists.vmware.com/pipermail/security-announce/2008/000023.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2008/dsa-1590

Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0289.html

Third Party Advisory
http://securitytracker.com/id?1020123

Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/492903/100/0/threaded

Third Party Advisory;VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html

Third Party Advisory
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657

Broken Link

CVEs referencing this url
http://www.vupen.com/english/advisories/2008/1908

Permissions Required

CVEs referencing this url
http://www.vupen.com/english/advisories/2008/2639

Permissions Required
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html

Mailing List;Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0290.html

Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/31255

Third Party Advisory;VDB Entry
http://www.vupen.com/english/advisories/2008/1981/references

Webmail: access your OVH emails on ovhcloud.com | OVHcloud
Permissions Required

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1

Broken Link
http://support.apple.com/kb/HT2163

About the security content of Security Update 2008-004 and Mac OS X 10.5.4 - Apple Support
Third Party Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020

Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:108

Broken Link
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html

Third Party Advisory
https://www.exploit-db.com/exploits/5712

Third Party Advisory;VDB Entry
http://www.vupen.com/english/advisories/2008/1681

Permissions Required
http://www.securityfocus.com/archive/1/492737/100/0/threaded

Third Party Advisory;VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733

Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2008-0180

Broken Link
http://security.gentoo.org/glsa/glsa-200805-23.xml

Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951

Mailing List;Third Party Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf

Broken Link
http://www.ubuntu.com/usn/usn-617-1

Third Party Advisory

CVEs referencing this url
http://www.samba.org/samba/security/CVE-2008-1105.html

Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0288.html

Third Party Advisory
http://www.securityfocus.com/archive/1/492683/100/0/threaded

Third Party Advisory;VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html

Third Party Advisory
http://www.vupen.com/english/advisories/2008/2222/references

Permissions Required

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/42664

VDB Entry
http://www.securityfocus.com/bid/29404

Patch;Third Party Advisory;VDB Entry
http://www.ubuntu.com/usn/usn-617-2

Third Party Advisory

Products affected by CVE-2008-1105

Debian » Debian Linux » Version: 4.0
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 3.0.0 and up to, including, (<=) 3.0.29
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 7.10
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 8.04
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
Matching versions