what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2013-4408

Status Candidate

Overview

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Related Files

Gentoo Linux Security Advisory 201502-15
Posted Feb 26, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-15 - Multiple vulnerabilities have been found in Samba, the worst of which allowing a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code. Versions less than 3.6.25 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4476, CVE-2013-4496, CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240
SHA-256 | 606c956ce8f163cd743c45062fd6201fce247d72cbe7bc650aed2d2440e1861b
HP Security Bulletin HPSBUX03087 SSRT101413 2
Posted Nov 22, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03087 SSRT101413 2 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), execution of arbitrary code, or unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408
SHA-256 | a56a13f1ec26735d4d53c5b23bf32116794a56a90a713f7129caca2874101576
HP Security Bulletin HPSBUX03087 SSRT101413
Posted Aug 8, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03087 SSRT101413 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408
SHA-256 | 1299cc2ae31937153cba3aee6893facc0a9857094409153f01cd2e09689e173b
Slackware Security Advisory - samba Updates
Posted Jan 14, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4408
SHA-256 | aaf542c1edaf53c34eb9aee0f7ef9b039611aa47d44495a0d8bc548201d9a409
Red Hat Security Advisory 2014-0009-01
Posted Jan 6, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0009-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408, CVE-2013-4475
SHA-256 | 9153c8aeb19a4ad7c3bbc309c720fa69bb6d3177dc1120458ca05236e6c48a4a
Mandriva Linux Security Advisory 2013-299
Posted Dec 23, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-299 - The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake. Buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. The updated packages has been upgraded to the 3.6.22 version which resolves various upstream bugs and is not vulnerable to these issues.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-6150, CVE-2013-4408
SHA-256 | 616e78bf48894f3bc5d18232a8b44d069f6ab91be39e3eb85bbad5e45a00df87
Ubuntu Security Notice USN-2054-1
Posted Dec 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2054-1 - It was discovered that Winbind incorrectly handled invalid group names with the require_membership_of parameter. If an administrator used an invalid group name by mistake, access was granted instead of having the login fail. Stefan Metzmacher and Michael Adam discovered that Samba incorrectly handled DCE-RPC fragment length fields. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as the root user. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2012-6150, CVE-2013-4408, CVE-2013-4475, CVE-2012-6150, CVE-2013-4408, CVE-2013-4475
SHA-256 | 37f80d54fa555acc23ea6eff4a37a7ea3dc8c6b393c21df3b217c7cb111faf5f
Red Hat Security Advisory 2013-1806-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1806-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408, CVE-2013-4475
SHA-256 | 776f5e06aa1d59689b658d1881b9e89a5fcea991a6537bc63833095590381b35
Red Hat Security Advisory 2013-1805-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1805-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408
SHA-256 | 7a95ea07e79777b06a6fa8a5c54f5c65a0354ca7595170be622db4ed1496de04
Debian Security Advisory 2812-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2812-1 - Two security issues were found in Samba, a SMB/CIFS file, print, and login server.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4408, CVE-2013-4475
SHA-256 | f999b212f4fc13361aae0ea94817b1f46dc2584eaa0f151337c38c12cae08445
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close