CVE-2008-4314
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4314
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Samba smbd远程信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba在处理trans、trans2和nttrans请求时存在边界条件错误。这些请求用于在客户端和服务器之间传输任意数量的内存,包含有两个偏移:偏移A指向客户端所发送的PDU,偏移B将传输的内存引导到服务端上的缓冲区。由于在偏移A中的一个剪切错误,导致远程攻击者可以通过发送特制的请求泄露受限制的smbd进程内存。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4314
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4314
Please Login to view more intelligence information
- http://us1.samba.org/samba/security/CVE-2008-4314.htmlx_refsource_CONFIRM
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-249087-1vendor-advisoryx_refsource_SUNALERT
- http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.htmlvendor-advisoryx_refsource_SUSE
- http://www.redhat.com/archives/fedora-package-announce/2008-December/msg00141.htmlvendor-advisoryx_refsource_FEDORA
- http://www.redhat.com/archives/fedora-package-announce/2008-December/msg00021.htmlvendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2008-4314
Same Patch Batch · n/a · 2008-12-01 · 20 CVEs total
| CVE-2008-5290 | Werner Hilversum Clean CMS 'full_txt.php'跨站脚本漏洞 | |
| CVE-2008-5299 | Debian chm2pdf 不安全临时文件创建漏洞 | |
| CVE-2008-5298 | Debian chm2pdf 临时文件拒绝服务漏洞 | |
| CVE-2008-5297 | No-IP Dynamic Update Client远程栈溢出漏洞 | |
| CVE-2008-5296 | Menalto Gallery 安全认证绕过和权限提升漏洞 | |
| CVE-2008-5295 | Jamit Job Board 'index.php' SQL注入漏洞 | |
| CVE-2008-5294 | WebStudio eCatalogue index.php SQL注入漏洞 | |
| CVE-2008-5293 | WebStudio eHotel index.php SQL注入漏洞 | |
| CVE-2008-5292 | VideoGirls 'view_snaps.php' SQL注入漏洞 | |
| CVE-2008-5291 | fuzzylime (cms) 'code/track.php'目录遍历漏洞 | |
| CVE-2008-5300 | Linux Kernel sendmsg()本地拒绝服务漏洞 | |
| CVE-2008-5289 | Werner Hilversum Clean CMS 'full_txt.php' SQL注入漏洞 | |
| CVE-2008-5288 | Werner Hilversum FAQ Manager 'include/header.php' 远程文件包含漏洞 | |
| CVE-2008-5287 | Werner Hilversum FAQ Manager 'catagorie.php' SQL注入漏洞 | |
| CVE-2008-5286 | CUPS PNG _cupsImageReadPNG()函数整数溢出漏洞 | |
| CVE-2008-5285 | Wireshark SMTP报文远程拒绝服务漏洞 | |
| CVE-2008-5303 | Perl rmdir()函数本地竞争条件漏洞 | |
| CVE-2008-5302 | Perl rmdir()函数本地竞争条件漏洞 | |
| CVE-2008-5301 | Dovecot ManageSieve Service '.sieve' Files 目录遍历漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service - CVE-2026-8267
Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of s - CVE-2026-8266
Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_ - CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo
V. Comments for CVE-2008-4314
No comments yet