Описание
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 2:4.7.6+dfsg~ubuntu-0ubuntu2.24 |
| devel | released | 2:4.13.14+dfsg-0ubuntu1 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | 2:4.7.6+dfsg~ubuntu-0ubuntu2.24 |
| esm-infra/focal | released | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
| esm-infra/xenial | not-affected | |
| focal | released | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
| hirsute | released | 2:4.13.14+dfsg-0ubuntu0.21.04.1 |
| impish | released | 2:4.13.14+dfsg-0ubuntu0.21.10.1 |
| jammy | released | 2:4.13.14+dfsg-0ubuntu1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
A flaw was found in the way samba implemented DCE/RPC. If a client to ...
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3