JVN/CVE Demo: Cveinfos

CVE

Id: 31222
CVE No.: CVE-2008-1105
Status: Candidate
Description: Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
Phase: Assigned (20080229)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
333115	31222	CVE-2008-1105	BUGTRAQ:20080528 [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses	View
333116	31222	CVE-2008-1105	URL:http://www.securityfocus.com/archive/1/archive/1/492683/100/0/threaded	View
333117	31222	CVE-2008-1105	BUGTRAQ:20080602 rPSA-2008-0180-1 samba samba-client samba-server samba-swat	View
333118	31222	CVE-2008-1105	URL:http://www.securityfocus.com/archive/1/archive/1/492903/100/0/threaded	View
333119	31222	CVE-2008-1105	BUGTRAQ:20080529 Secunia Research: Samba "receive_smb_raw()" Buffer OverflowVulnerability	View
333120	31222	CVE-2008-1105	URL:http://www.securityfocus.com/archive/1/archive/1/492737/100/0/threaded	View
333121	31222	CVE-2008-1105	MILW0RM:5712	View
333122	31222	CVE-2008-1105	URL:http://www.milw0rm.com/exploits/5712	View
333123	31222	CVE-2008-1105	MLIST:[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix	View
333124	31222	CVE-2008-1105	URL:http://lists.vmware.com/pipermail/security-announce/2008/000023.html	View
333125	31222	CVE-2008-1105	MISC:http://secunia.com/secunia_research/2008-20/advisory/	View
333126	31222	CVE-2008-1105	CONFIRM:http://support.apple.com/kb/HT2163	View
333127	31222	CVE-2008-1105	CONFIRM:http://www.samba.org/samba/security/CVE-2008-1105.html	View
333128	31222	CVE-2008-1105	CONFIRM:http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf	View
333129	31222	CVE-2008-1105	CONFIRM:http://wiki.rpath.com/Advisories:rPSA-2008-0180	View
333130	31222	CVE-2008-1105	APPLE:APPLE-SA-2008-06-30	View
333131	31222	CVE-2008-1105	URL:http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html	View
333132	31222	CVE-2008-1105	DEBIAN:DSA-1590	View
333133	31222	CVE-2008-1105	URL:http://www.debian.org/security/2008/dsa-1590	View
333134	31222	CVE-2008-1105	FEDORA:FEDORA-2008-4679	View
333135	31222	CVE-2008-1105	URL:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html	View
333136	31222	CVE-2008-1105	FEDORA:FEDORA-2008-4724	View
333137	31222	CVE-2008-1105	URL:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html	View
333138	31222	CVE-2008-1105	FEDORA:FEDORA-2008-4797	View
333139	31222	CVE-2008-1105	URL:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html	View
333140	31222	CVE-2008-1105	GENTOO:GLSA-200805-23	View
333141	31222	CVE-2008-1105	URL:http://security.gentoo.org/glsa/glsa-200805-23.xml	View
333142	31222	CVE-2008-1105	HP:HPSBUX02341	View
333143	31222	CVE-2008-1105	URL:http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657	View
333144	31222	CVE-2008-1105	HP:SSRT080075	View
333145	31222	CVE-2008-1105	URL:http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657	View
333146	31222	CVE-2008-1105	MANDRIVA:MDVSA-2008:108	View
333147	31222	CVE-2008-1105	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:108	View
333148	31222	CVE-2008-1105	REDHAT:RHSA-2008:0288	View
333149	31222	CVE-2008-1105	URL:http://www.redhat.com/support/errata/RHSA-2008-0288.html	View
333150	31222	CVE-2008-1105	REDHAT:RHSA-2008:0289	View
333151	31222	CVE-2008-1105	URL:http://www.redhat.com/support/errata/RHSA-2008-0289.html	View
333152	31222	CVE-2008-1105	REDHAT:RHSA-2008:0290	View
333153	31222	CVE-2008-1105	URL:http://www.redhat.com/support/errata/RHSA-2008-0290.html	View
333154	31222	CVE-2008-1105	SLACKWARE:SSA:2008-149-01	View
333155	31222	CVE-2008-1105	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951	View
333156	31222	CVE-2008-1105	SUNALERT:249086	View
333157	31222	CVE-2008-1105	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1	View
333158	31222	CVE-2008-1105	SUSE:SUSE-SA:2008:026	View
333159	31222	CVE-2008-1105	URL:http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html	View
333160	31222	CVE-2008-1105	UBUNTU:USN-617-1	View
333161	31222	CVE-2008-1105	URL:http://www.ubuntu.com/usn/usn-617-1	View
333162	31222	CVE-2008-1105	UBUNTU:USN-617-2	View
333163	31222	CVE-2008-1105	URL:http://www.ubuntu.com/usn/usn-617-2	View
333164	31222	CVE-2008-1105	BID:29404	View
333165	31222	CVE-2008-1105	URL:http://www.securityfocus.com/bid/29404	View
333166	31222	CVE-2008-1105	BID:31255	View
333167	31222	CVE-2008-1105	URL:http://www.securityfocus.com/bid/31255	View
333168	31222	CVE-2008-1105	OVAL:oval:org.mitre.oval:def:5733	View
333169	31222	CVE-2008-1105	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5733	View
333170	31222	CVE-2008-1105	OVAL:oval:org.mitre.oval:def:10020	View
333171	31222	CVE-2008-1105	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10020	View
333172	31222	CVE-2008-1105	SECUNIA:30449	View
333173	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30449	View
333174	31222	CVE-2008-1105	SECUNIA:30478	View
333175	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30478	View
333176	31222	CVE-2008-1105	SECUNIA:30442	View
333177	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30442	View
333178	31222	CVE-2008-1105	VUPEN:ADV-2008-1681	View
333179	31222	CVE-2008-1105	URL:http://www.vupen.com/english/advisories/2008/1681	View
333180	31222	CVE-2008-1105	VUPEN:ADV-2008-1908	View
333181	31222	CVE-2008-1105	URL:http://www.vupen.com/english/advisories/2008/1908	View
333182	31222	CVE-2008-1105	VUPEN:ADV-2008-1981	View
333183	31222	CVE-2008-1105	URL:http://www.vupen.com/english/advisories/2008/1981/references	View
333184	31222	CVE-2008-1105	VUPEN:ADV-2008-2222	View
333185	31222	CVE-2008-1105	URL:http://www.vupen.com/english/advisories/2008/2222/references	View
333186	31222	CVE-2008-1105	VUPEN:ADV-2008-2639	View
333187	31222	CVE-2008-1105	URL:http://www.vupen.com/english/advisories/2008/2639	View
333188	31222	CVE-2008-1105	SECTRACK:1020123	View
333189	31222	CVE-2008-1105	URL:http://securitytracker.com/id?1020123	View
333190	31222	CVE-2008-1105	SECUNIA:30228	View
333191	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30228	View
333192	31222	CVE-2008-1105	SECUNIA:30385	View
333193	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30385	View
333194	31222	CVE-2008-1105	SECUNIA:30543	View
333195	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30543	View
333196	31222	CVE-2008-1105	SECUNIA:30489	View
333197	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30489	View
333198	31222	CVE-2008-1105	SECUNIA:30736	View
333199	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30736	View
333200	31222	CVE-2008-1105	SECUNIA:30835	View
333201	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30835	View
333202	31222	CVE-2008-1105	SECUNIA:30802	View
333203	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30802	View
333204	31222	CVE-2008-1105	SECUNIA:31246	View
333205	31222	CVE-2008-1105	URL:http://secunia.com/advisories/31246	View
333206	31222	CVE-2008-1105	SECUNIA:31911	View
333207	31222	CVE-2008-1105	URL:http://secunia.com/advisories/31911	View
333208	31222	CVE-2008-1105	SECUNIA:30396	View
333209	31222	CVE-2008-1105	URL:http://secunia.com/advisories/30396	View
333210	31222	CVE-2008-1105	SECUNIA:33696	View
333211	31222	CVE-2008-1105	URL:http://secunia.com/advisories/33696	View
333212	31222	CVE-2008-1105	XF:xerox-controller-samba-code-execution(45251)	View
333213	31222	CVE-2008-1105	URL:http://xforce.iss.net/xforce/xfdb/45251	View
333214	31222	CVE-2008-1105	XF:samba-receivesmbraw-bo(42664)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
46117	JVNDB-2008-001427	Evolution の iCalendar 添付ファイルの処理に関するヒープベースのバッファオーバーフローの脆弱性	Evolution には、iCalendar 添付ファイルの DESCRIPTION プロパティの処理に不備があり、ヒープベースのバッファオーバーフローの脆弱性が存在します。	CVE-2008-1109	31222	9.3		http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001427.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.42 MB
View render complete	2.99 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.42
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	453.24
Event: Controller.beforeRender	5.29
» Processing toolbar data	5.20
Rendering View	28.57
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	27.20
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.85
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.16
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/31222
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/31222
Remote Port	25745
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.115
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.195.237
Http Via	1.1 squid-proxy-5b5d847c96-t569n (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.115
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.115
Unique Id	aIaQ4ce_Jy4m7kH1l6nA6QAAAAI
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.115
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.115
Redirect Unique Id	aIaQ4ce_Jy4m7kH1l6nA6QAAAAI
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.115
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.115
Redirect Redirect Unique Id	aIaQ4ce_Jy4m7kH1l6nA6QAAAAI
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753649377.397
Request Time	1753649377

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files