VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
rhas	Critical	https://access.redhat.com/errata/RHSA-2008:0288
rhas	Critical	https://access.redhat.com/errata/RHSA-2008:0289
rhas	Critical	https://access.redhat.com/errata/RHSA-2008:0290
epss	0.8952	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.9044	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.91259	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.95988	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.95988	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.95988	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.95988	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
epss	0.96881	https://api.first.org/data/v1/epss?cve=CVE-2008-1105
rhbs	urgent	https://bugzilla.redhat.com/show_bug.cgi?id=446724
generic_textual	MODERATE	http://secunia.com/advisories/30802
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2008-1105
generic_textual	MODERATE	http://support.apple.com/kb/HT2163
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/1981/references

System

Score

Found at

generic_textual

MODERATE

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

rhas

Critical

https://access.redhat.com/errata/RHSA-2008:0288

rhas

Critical

https://access.redhat.com/errata/RHSA-2008:0289

rhas

Critical

https://access.redhat.com/errata/RHSA-2008:0290

epss

0.8952

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.9044

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.91259

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.95988

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.95988

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.95988

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.95988

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

epss

0.96881

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

rhbs

urgent

https://bugzilla.redhat.com/show_bug.cgi?id=446724

generic_textual

MODERATE

http://secunia.com/advisories/30802

cvssv2

7.5

https://nvd.nist.gov/vuln/detail/CVE-2008-1105

generic_textual

MODERATE

http://support.apple.com/kb/HT2163

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2008/1981/references

Reference id

Reference type

URL

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html

http://lists.vmware.com/pipermail/security-announce/2008/000023.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1105.json

https://api.first.org/data/v1/epss?cve=CVE-2008-1105

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105

http://secunia.com/advisories/30228

http://secunia.com/advisories/30385

http://secunia.com/advisories/30396

http://secunia.com/advisories/30442

http://secunia.com/advisories/30449

http://secunia.com/advisories/30478

http://secunia.com/advisories/30489

http://secunia.com/advisories/30543

http://secunia.com/advisories/30736

http://secunia.com/advisories/30802

http://secunia.com/advisories/30835

http://secunia.com/advisories/31246

http://secunia.com/advisories/31911

http://secunia.com/advisories/33696

http://secunia.com/secunia_research/2008-20/advisory/

http://security.gentoo.org/glsa/glsa-200805-23.xml

http://securitytracker.com/id?1020123

https://exchange.xforce.ibmcloud.com/vulnerabilities/42664

https://exchange.xforce.ibmcloud.com/vulnerabilities/45251

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733

http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1

http://support.apple.com/kb/HT2163

https://www.exploit-db.com/exploits/5712

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html

http://wiki.rpath.com/Advisories:rPSA-2008-0180

http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657

http://www.debian.org/security/2008/dsa-1590

http://www.mandriva.com/security/advisories?name=MDVSA-2008:108

http://www.redhat.com/support/errata/RHSA-2008-0288.html

http://www.redhat.com/support/errata/RHSA-2008-0289.html

http://www.redhat.com/support/errata/RHSA-2008-0290.html

http://www.samba.org/samba/security/CVE-2008-1105.html

http://www.securityfocus.com/archive/1/492683/100/0/threaded

http://www.securityfocus.com/archive/1/492737/100/0/threaded

http://www.securityfocus.com/archive/1/492903/100/0/threaded

http://www.securityfocus.com/bid/29404

http://www.securityfocus.com/bid/31255

http://www.ubuntu.com/usn/usn-617-1

http://www.ubuntu.com/usn/usn-617-2

http://www.vupen.com/english/advisories/2008/1681

http://www.vupen.com/english/advisories/2008/1908

http://www.vupen.com/english/advisories/2008/1981/references

http://www.vupen.com/english/advisories/2008/2222/references

http://www.vupen.com/english/advisories/2008/2639

http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf

446724

https://bugzilla.redhat.com/show_bug.cgi?id=446724

483410

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410

cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:3.0.28a:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.28a:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:3.0.29:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.29:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

CVE-2008-1105

https://nvd.nist.gov/vuln/detail/CVE-2008-1105

GLSA-200805-23

https://security.gentoo.org/glsa/200805-23

RHSA-2008:0288

https://access.redhat.com/errata/RHSA-2008:0288

RHSA-2008:0289

https://access.redhat.com/errata/RHSA-2008:0289

RHSA-2008:0290

https://access.redhat.com/errata/RHSA-2008:0290

USN-617-1

https://usn.ubuntu.com/617-1/

USN-617-2

https://usn.ubuntu.com/617-2/

Data source	Exploit-DB
Date added	May 31, 2008
Description	Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)
Ransomware campaign use	Known
Source publication date	June 1, 2008
Exploit type	dos
Platform	multiple
Source update date	Sept. 6, 2017

Exploit-DB

May 31, 2008

Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)

Known

June 1, 2008

dos

multiple

Sept. 6, 2017

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-bgf8-d36f-aaaa
Aliases	CVE-2008-1105
Summary	Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.99467
EPSS Score	0.8952
Published At	March 29, 2025, 12:55 p.m.