Stack-Based Buffer Overflow in cifs-utils Affecting Remote Authentication
CVE-2014-2830

Currently unrated

Key Information:

Vendor: Debian
Status: Cifs-utils
Vendor: CVE Published:; 31 March 2015

Summary

A vulnerability exists in cifs-utils prior to version 6.4, specifically in the cifskey.c and cifscreds.c files. This flaw allows remote attackers to exploit an unbounded stack-based buffer overflow, leading to potential unauthorized actions via unknown vectors. Users are advised to update their cifs-utils packages to mitigate risks associated with this vulnerability.

References

https://lists.samba.org/archive/samba-technical/2014-July...

mailing-listx_refsource_MLIST

https://bugs.mageia.org/show_bug.cgi?id=13386

x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Timeline

Vulnerability published
Mar 31, 2015
Vulnerability Reserved
Apr 10, 2014