Lucene search

K
cveRedhatCVE-2012-1182
HistoryApr 10, 2012 - 9:55 p.m.

CVE-2012-1182

2012-04-1021:55:02
CWE-189
redhat
web.nvd.nist.gov
320
In Wild
2
24
cve-2012-1182
samba
code generator
remote execution
rpc
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.7

Confidence

High

EPSS

0.757

Percentile

98.2%

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Affected configurations

Nvd
Node
sambasambaRange3.4.15
OR
sambasambaMatch3.0.0
OR
sambasambaMatch3.0.1
OR
sambasambaMatch3.0.2
OR
sambasambaMatch3.0.2a
OR
sambasambaMatch3.0.2a
OR
sambasambaMatch3.0.3
OR
sambasambaMatch3.0.4
OR
sambasambaMatch3.0.4rc1
OR
sambasambaMatch3.0.5
OR
sambasambaMatch3.0.6
OR
sambasambaMatch3.0.7
OR
sambasambaMatch3.0.8
OR
sambasambaMatch3.0.9
OR
sambasambaMatch3.0.10
OR
sambasambaMatch3.0.11
OR
sambasambaMatch3.0.12
OR
sambasambaMatch3.0.13
OR
sambasambaMatch3.0.14
OR
sambasambaMatch3.0.14a
OR
sambasambaMatch3.0.14a
OR
sambasambaMatch3.0.15
OR
sambasambaMatch3.0.16
OR
sambasambaMatch3.0.17
OR
sambasambaMatch3.0.18
OR
sambasambaMatch3.0.19
OR
sambasambaMatch3.0.20
OR
sambasambaMatch3.0.20a
OR
sambasambaMatch3.0.20b
OR
sambasambaMatch3.0.20a
OR
sambasambaMatch3.0.20b
OR
sambasambaMatch3.0.21
OR
sambasambaMatch3.0.21a
OR
sambasambaMatch3.0.21b
OR
sambasambaMatch3.0.21c
OR
sambasambaMatch3.0.21a
OR
sambasambaMatch3.0.21b
OR
sambasambaMatch3.0.21c
OR
sambasambaMatch3.0.22
OR
sambasambaMatch3.0.23
OR
sambasambaMatch3.0.23a
OR
sambasambaMatch3.0.23b
OR
sambasambaMatch3.0.23c
OR
sambasambaMatch3.0.23d
OR
sambasambaMatch3.0.23a
OR
sambasambaMatch3.0.23b
OR
sambasambaMatch3.0.23c
OR
sambasambaMatch3.0.23d
OR
sambasambaMatch3.0.24
OR
sambasambaMatch3.0.25
OR
sambasambaMatch3.0.25a
OR
sambasambaMatch3.0.25b
OR
sambasambaMatch3.0.25c
OR
sambasambaMatch3.0.25pre1
OR
sambasambaMatch3.0.25pre2
OR
sambasambaMatch3.0.25rc1
OR
sambasambaMatch3.0.25rc2
OR
sambasambaMatch3.0.25rc3
OR
sambasambaMatch3.0.25a
OR
sambasambaMatch3.0.25b
OR
sambasambaMatch3.0.25c
OR
sambasambaMatch3.0.26
OR
sambasambaMatch3.0.26a
OR
sambasambaMatch3.0.26a
OR
sambasambaMatch3.0.27
OR
sambasambaMatch3.0.27a
OR
sambasambaMatch3.0.28
OR
sambasambaMatch3.0.28a
OR
sambasambaMatch3.0.29
OR
sambasambaMatch3.0.30
OR
sambasambaMatch3.0.31
OR
sambasambaMatch3.0.32
OR
sambasambaMatch3.0.33
OR
sambasambaMatch3.0.34
OR
sambasambaMatch3.0.35
OR
sambasambaMatch3.0.36
OR
sambasambaMatch3.0.37
OR
sambasambaMatch3.1.0
OR
sambasambaMatch3.2.0
OR
sambasambaMatch3.2.1
OR
sambasambaMatch3.2.2
OR
sambasambaMatch3.2.3
OR
sambasambaMatch3.2.4
OR
sambasambaMatch3.2.5
OR
sambasambaMatch3.2.6
OR
sambasambaMatch3.2.7
OR
sambasambaMatch3.2.8
OR
sambasambaMatch3.2.9
OR
sambasambaMatch3.2.10
OR
sambasambaMatch3.2.11
OR
sambasambaMatch3.2.12
OR
sambasambaMatch3.2.13
OR
sambasambaMatch3.2.14
OR
sambasambaMatch3.2.15
OR
sambasambaMatch3.3.0
OR
sambasambaMatch3.3.1
OR
sambasambaMatch3.3.2
OR
sambasambaMatch3.3.3
OR
sambasambaMatch3.3.4
OR
sambasambaMatch3.3.5
OR
sambasambaMatch3.3.6
OR
sambasambaMatch3.3.7
OR
sambasambaMatch3.3.8
OR
sambasambaMatch3.3.9
OR
sambasambaMatch3.3.10
OR
sambasambaMatch3.3.11
OR
sambasambaMatch3.3.12
OR
sambasambaMatch3.3.13
OR
sambasambaMatch3.3.14
OR
sambasambaMatch3.3.15
OR
sambasambaMatch3.3.16
OR
sambasambaMatch3.4.0
OR
sambasambaMatch3.4.1
OR
sambasambaMatch3.4.2
OR
sambasambaMatch3.4.3
OR
sambasambaMatch3.4.4
OR
sambasambaMatch3.4.5
OR
sambasambaMatch3.4.6
OR
sambasambaMatch3.4.7
OR
sambasambaMatch3.4.8
OR
sambasambaMatch3.4.9
OR
sambasambaMatch3.4.10
OR
sambasambaMatch3.4.11
OR
sambasambaMatch3.4.12
OR
sambasambaMatch3.4.13
OR
sambasambaMatch3.4.14
Node
sambasambaMatch3.5.0
OR
sambasambaMatch3.5.1
OR
sambasambaMatch3.5.2
OR
sambasambaMatch3.5.3
OR
sambasambaMatch3.5.4
OR
sambasambaMatch3.5.5
OR
sambasambaMatch3.5.6
OR
sambasambaMatch3.5.7
OR
sambasambaMatch3.5.8
OR
sambasambaMatch3.5.9
OR
sambasambaMatch3.5.10
OR
sambasambaMatch3.5.11
OR
sambasambaMatch3.5.12
OR
sambasambaMatch3.5.13
Node
sambasambaMatch3.6.0
OR
sambasambaMatch3.6.1
OR
sambasambaMatch3.6.2
OR
sambasambaMatch3.6.3
VendorProductVersionCPE
sambasamba*cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
sambasamba3.0.0cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
sambasamba3.0.1cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
sambasamba3.0.2cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
sambasamba3.0.2cpe:2.3:a:samba:samba:3.0.2:a:*:*:*:*:*:*
sambasamba3.0.2acpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
sambasamba3.0.3cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
sambasamba3.0.4cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
sambasamba3.0.4cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
sambasamba3.0.5cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
Rows per page:
1-10 of 1441

References

Social References

More

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.7

Confidence

High

EPSS

0.757

Percentile

98.2%