Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM36774F82D059697E5F4F730AB1B75D2A4B250C21EA93DFEC2C0F294E60D5BD1F
HistoryJun 18, 2018 - 12:08 a.m.

Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2014-3493)

2018-06-1800:08:33
www.ibm.com
12

0.027 Low

EPSS

Percentile

90.5%

JSON

Summary

A fix is available for IBM SONAS, for the security issue that an attacker could crash applications by exploiting a vulnerability in Samba

Vulnerability Details

CVEID:
CVE-2014-3493

DESCRIPTION:
Samba is used in IBM SONAS to enable file management and authentication services for Microsoft Windows environments.

IBM SONAS includes a version of Samba that is vulnerable to a denial of service. A remote authenticated attacker could exploit this vulnerability to cause the application to crash.

CVSS Base Score: 4
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93928 for the current score

Affected Products and Versions

IBM SONAS
The product is affected when running a code releases 1.3.0.0 to 1.4.3.3

Remediation/Fixes

A fix for these issues is in version 1.4.3.4 of IBM SONAS. Customers running an affected version of IBM SONAS should upgrade to 1.4.3.4 or a later version, so that the fix gets applied.

Workarounds and Mitigations

Workaround(s) :
Avoid use of authentication servers which are not protected behind a firewall. This vulnerability can be exploited only by someone who is authenticated.

Mitigation(s) : None

Related

veracode 1
nvd 1
debiancve 1
ubuntucve 1
ibm 1
cvelist 1
cve 1
prion 1
samba 1
nessus 26
redhat 3
openvas 22
freebsd 1
oraclelinux 4
altlinux 3
centos 3
mageia 1
debian 1
osv 1
ubuntu 1
securityvulns 2
slackware 1
fedora 5
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:12
nvd
nvd
CVE-2014-3493
2014-06-23 14:55:05
debiancve
debiancve
CVE-2014-3493
2014-06-23 14:55:05
ubuntucve
ubuntucve
CVE-2014-3493
2014-06-23 00:00:00
ibm
ibm
Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2014-3493)
2018-06-18 00:08:28
cvelist
cvelist
CVE-2014-3493
2014-06-23 14:00:00
cve
cve
CVE-2014-3493
2014-06-23 14:55:05
prion
prion
Memory corruption
2014-06-23 14:55:00
samba
samba
Denial of service - Server crash/memory corruption
2014-06-23 00:00:00
nessus
nessus
FreeBSD : samba -- multiple vulnerabilities (6ad309d9-fb03-11e3-bebd-000c2980a9f3)
2014-06-24 00:00:00
Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba1)
2015-01-19 00:00:00
Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64 (20140709)
2014-07-10 00:00:00
redhat
redhat
(RHSA-2014:0866) Moderate: samba and samba3x security update
2014-07-09 00:00:00
(RHSA-2014:0867) Moderate: samba security update
2014-07-09 00:00:00
(RHSA-2014:1009) Important: samba4 security update
2014-08-05 00:00:00
openvas
openvas
CentOS Update for libsmbclient CESA-2014:0866 centos6
2014-07-15 00:00:00
Oracle: Security Advisory (ELSA-2014-0866)
2015-10-06 00:00:00
CentOS Update for samba3x CESA-2014:0866 centos5
2014-07-15 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2014-06-23 00:00:00
oraclelinux
oraclelinux
samba and samba3x security update
2014-07-09 00:00:00
samba security update
2014-07-23 00:00:00
samba4 security update
2014-08-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.1.9-alt1
2014-06-24 00:00:00
Security fix for the ALT Linux 10 package samba version 4.1.9-alt1
2014-06-24 00:00:00
Security fix for the ALT Linux 8 package samba version 4.1.9-alt1
2014-06-24 00:00:00
centos
centos
libsmbclient, samba, samba3x security update
2014-07-09 18:04:17
libsmbclient, libwbclient, samba security update
2014-07-09 19:41:16
samba4 security update
2014-08-05 19:48:16
mageia
mageia
Updated samba packages fix multiple vulnerabilities
2014-07-04 21:57:20
debian
debian
[SECURITY] [DSA 2966-1] samba security update
2014-06-23 09:38:29
osv
osv
samba - security update
2014-06-23 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2014-06-26 00:00:00
securityvulns
securityvulns
[slackware-security] samba (SSA:2014-175-04)
2014-06-26 00:00:00
Samba multiple security vulnerabilities
2014-06-26 00:00:00
slackware
slackware
[slackware-security] samba
2014-06-24 23:47:25
fedora
fedora
[SECURITY] Fedora 20 Update: samba-4.1.9-3.fc20
2014-06-26 01:52:55
[SECURITY] Fedora 20 Update: samba-4.1.9-4.fc20
2014-08-07 15:23:51
[SECURITY] Fedora 19 Update: samba-4.0.19-1.fc19
2014-07-09 02:27:14
gentoo
gentoo
Samba: Multiple vulnerabilities
2015-02-25 00:00:00

0.027 Low

EPSS

Percentile

90.5%

JSON
Related for 36774F82D059697E5F4F730AB1B75D2A4B250C21EA93DFEC2C0F294E60D5BD1F
veracode1nvd1debiancve1ubuntucve1ibm1cvelist1cve1prion1samba1nessus26redhat3openvas22freebsd1oraclelinux4altlinux3centos3mageia1debian1osv1ubuntu1securityvulns2slackware1fedora5gentoo1