Description
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges.
Report
This issue did not affect the versions of samba or samba3x as shipped with Red Hat Enterprise Linux 5, and the versions of samba as shipped with Red Hat Enterprise Linux 6, as it only affected Samba 4.0.0 and higher.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | samba | Not affected | | |
| Red Hat Enterprise Linux 5 | samba3x | Not affected | | |
| Red Hat Enterprise Linux 6 | samba | Not affected | | |
| Red Hat Enterprise Linux Extended Update Support 6.2 | samba4 | Affected | | |
| Red Hat Enterprise Linux Extended Update Support 6.4 | samba4 | Affected | | |
| Red Hat Storage 2.1 | samba | Not affected | | |
| Red Hat Storage 3.0 | samba | Not affected | | |
| Red Hat Enterprise Linux 6 | samba4 | Fixed | RHSA-2014:1009 | 05.08.2014 |
| Red Hat Enterprise Linux 7 | samba | Fixed | RHSA-2014:1008 | 05.08.2014 |
Additional information
Status:
EPSS
CVSS2: 7.9 High