{"vulnerability": "cve-2015-0240", "sightings": [{"uuid": "728cdd03-f169-428e-908c-0ee9764e6269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "7d319b33-b7c4-4db1-a564-4a24b399b50a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:47.000000Z"}, {"uuid": "56e0faa0-110d-4c5f-8a6d-b8de59826fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:34.000000Z"}, {"uuid": "87451f84-190a-455a-b2dd-84a3271d8cc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:07.000000Z"}, {"uuid": "60d4b49f-8f26-498b-a3f6-c78207633ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_uninit_cred.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "10d6d3fe-0c08-42a2-9161-58248023ebe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-0240", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15845", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2015-0240\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.\n\ud83d\udccf Published: 2015-02-24T01:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T20:03:27.070Z\n\ud83d\udd17 References:\n1. http://marc.info/?l=bugtraq&amp;m=143039217203031&amp;w=2\n2. http://rhn.redhat.com/errata/RHSA-2015-0257.html\n3. http://rhn.redhat.com/errata/RHSA-2015-0254.html\n4. https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/\n5. http://advisories.mageia.org/MGASA-2015-0084.html\n6. http://www.slackware.com/security/viewer.php?l=slackware-security&amp;y=2015&amp;m=slackware-security.360345\n7. https://www.exploit-db.com/exploits/36741/\n8. http://rhn.redhat.com/errata/RHSA-2015-0250.html\n9. https://support.lenovo.com/product_security/samba_remote_vuln\n10. http://marc.info/?l=bugtraq&amp;m=143039217203031&amp;w=2\n11. http://www.ubuntu.com/usn/USN-2508-1\n12. http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html\n13. http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html\n14. http://rhn.redhat.com/errata/RHSA-2015-0253.html\n15. https://www.samba.org/samba/security/CVE-2015-0240\n16. http://www.securityfocus.com/bid/72711\n17. http://rhn.redhat.com/errata/RHSA-2015-0249.html\n18. http://rhn.redhat.com/errata/RHSA-2015-0251.html\n19. http://security.gentoo.org/glsa/glsa-201502-15.xml\n20. http://www.debian.org/security/2015/dsa-3171\n21. http://www.securitytracker.com/id/1031783\n22. http://rhn.redhat.com/errata/RHSA-2015-0252.html\n23. https://bugzilla.redhat.com/show_bug.cgi?id=1191325\n24. http://www.mandriva.com/security/advisories?name=MDVSA-2015:082\n25. http://marc.info/?l=bugtraq&amp;m=142722696102151&amp;w=2\n26. http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html\n27. https://support.lenovo.com/us/en/product_security/samba_remote_vuln\n28. http://www.mandriva.com/security/advisories?name=MDVSA-2015:081\n29. http://rhn.redhat.com/errata/RHSA-2015-0255.html\n30. https://access.redhat.com/articles/1346913\n31. http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\n32. http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html\n33. http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html\n34. http://rhn.redhat.com/errata/RHSA-2015-0256.html\n35. http://marc.info/?l=bugtraq&amp;m=142722696102151&amp;w=2\n36. http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html\n37. http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html", "creation_timestamp": "2025-05-09T20:26:23.000000Z"}]}