Описание
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:4.0.13+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | released | 2:4.0.13+dfsg-1ubuntu1 |
| esm-infra/xenial | released | 2:4.0.13+dfsg-1ubuntu1 |
| lucid | released | 2:3.4.7~dfsg-1ubuntu3.13 |
| precise | released | 2:3.6.3-2ubuntu2.9 |
| precise/esm | not-affected | 2:3.6.3-2ubuntu2.9 |
| quantal | released | 2:3.6.6-3ubuntu5.3 |
| raring | released | 2:3.6.9-1ubuntu1.2 |
| saucy | released | 2:3.6.18-1ubuntu3.1 |
| trusty | released | 2:4.0.13+dfsg-1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
EPSS
8.3 High
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done functi ...
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
EPSS
8.3 High
CVSS2