CVE-2015-5330

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2015-5330

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2015-5330.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2015-5330

Downstream

DEBIAN-CVE-2015-5330

DSA-3433-1

RHSA-2016:0006

RHSA-2016:0009

RHSA-2016:0010

RHSA-2016:0014

RHSA-2016:0015

RHSA-2016:0016

SUSE-SU-2015:2304-1

SUSE-SU-2015:2305-1

SUSE-SU-2016:0032-1

SUSE-SU-2016:0164-1

UBUNTU-CVE-2015-5330

USN-2855-1

USN-2856-1

openSUSE-SU-2024:10069-1

openSUSE-SU-2024:10074-1

Related

Published

2015-12-29T22:59:04Z

Modified

2025-08-09T19:01:27Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.

References

Affected packages