Vulnerability Details CVE-2014-2581
Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133898.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133901.html
- http://sourceforge.net/projects/smb4k/files/1.1.1/
- http://www.openwall.com/lists/oss-security/2014/03/24/1
- http://www.openwall.com/lists/oss-security/2014/03/25/5
- https://bugs.gentoo.org/505376
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133898.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133901.html
- http://sourceforge.net/projects/smb4k/files/1.1.1/
- http://www.openwall.com/lists/oss-security/2014/03/24/1
- http://www.openwall.com/lists/oss-security/2014/03/25/5
- https://bugs.gentoo.org/505376
Products affected by CVE-2014-2581
-
cpe:2.3:a:smb4k_project:smb4k:-
-
cpe:2.3:a:smb4k_project:smb4k:0.10.12
-
cpe:2.3:a:smb4k_project:smb4k:0.8.7
-
cpe:2.3:a:smb4k_project:smb4k:0.9.10
-
cpe:2.3:a:smb4k_project:smb4k:1.0.0
-
cpe:2.3:a:smb4k_project:smb4k:1.0.1
-
cpe:2.3:a:smb4k_project:smb4k:1.0.2
-
cpe:2.3:a:smb4k_project:smb4k:1.0.3
-
cpe:2.3:a:smb4k_project:smb4k:1.0.4
-
cpe:2.3:a:smb4k_project:smb4k:1.0.5
-
cpe:2.3:a:smb4k_project:smb4k:1.0.6
-
cpe:2.3:a:smb4k_project:smb4k:1.0.7
-
cpe:2.3:a:smb4k_project:smb4k:1.0.8
-
cpe:2.3:a:smb4k_project:smb4k:1.0.9
-
cpe:2.3:a:smb4k_project:smb4k:1.1.0
-
cpe:2.3:o:fedoraproject:fedora:19
-
cpe:2.3:o:fedoraproject:fedora:20