CVE-2014-2830

Description

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://advisories.mageia.org/MGASA-2014-0242.html
• http://seclists.org/oss-sec/2014/q2/96
• http://www.mandriva.com/security/advisories?name=MDVSA-2015:114
• https://bugs.mageia.org/show_bug.cgi?id=13386
• https://bugzilla.novell.com/show_bug.cgi?id=870168
• https://bugzilla.redhat.com/show_bug.cgi?id=1086224
• https://lists.samba.org/archive/samba-technical/2014-July/101132.html
• https://security.gentoo.org/glsa/201612-08
• https://security-tracker.debian.org/tracker/CVE-2014-2830

CWEs

CWE-119