{"id":"UBUNTU-CVE-2015-8771","details":"The generate_smb_nt_hash function in include/functions.inc in GOsa allows remote attackers to execute arbitrary commands via a crafted password.","modified":"2025-07-16T08:11:51.115225Z","published":"2017-02-13T18:59:00Z","withdrawn":"2025-07-18T16:43:19Z","upstream":["CVE-2015-8771"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8771"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2015-8771"}],"affected":[{"package":{"name":"gosa","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.7.4+reloaded2-9ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.4+reloaded2-9ubuntu1"}]}],"versions":["2.7.4+reloaded2-2","2.7.4+reloaded2-5","2.7.4+reloaded2-6","2.7.4+reloaded2-7","2.7.4+reloaded2-8","2.7.4+reloaded2-9"],"ecosystem_specific":{"binaries":[{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-desktop"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-dev"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-help-de"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-help-en"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-help-fr"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-help-nl"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-connectivity"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-dhcp"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-dhcp-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-dns"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-dns-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-fai"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-fai-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-gofax"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-gofon"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-goto"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-kolab"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-kolab-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-ldapmanager"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-mail"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-mit-krb5"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-mit-krb5-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-nagios"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-nagios-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-netatalk"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-opengroupware"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-openxchange"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-openxchange-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-opsi"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-phpgw"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-phpgw-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-phpscheduleit"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-phpscheduleit-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-pptp"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-pptp-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-pureftpd"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-pureftpd-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-rolemanagement"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-rsyslog"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-samba"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-scalix"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-squid"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-ssh"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-ssh-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-sudo"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-sudo-schema"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-systems"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-uw-imap"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-plugin-webdav"},{"binary_version":"2.7.4+reloaded2-9ubuntu1","binary_name":"gosa-schema"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-8771.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}