Debian Security Bug TrackerDEBIANCVE:CVE-2012-1182

HistoryApr 10, 2012 - 9:55 p.m.

CVE-2012-1182

2012-04-1021:55:00

Debian Security Bug Tracker

security-tracker.debian.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.494 Medium

EPSS

Percentile

97.5%

JSON

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

OSVersionArchitecturePackageVersionFilename
Debian12allsamba< 2:3.6.4-1samba_2:3.6.4-1_all.deb
Debian11allsamba< 2:3.6.4-1samba_2:3.6.4-1_all.deb
Debian10allsamba< 2:3.6.4-1samba_2:3.6.4-1_all.deb
Debian999allsamba< 2:3.6.4-1samba_2:3.6.4-1_all.deb
Debian13allsamba< 2:3.6.4-1samba_2:3.6.4-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	samba	< 2:3.6.4-1	samba_2:3.6.4-1_all.deb
Debian	11	all	samba	< 2:3.6.4-1	samba_2:3.6.4-1_all.deb
Debian	10	all	samba	< 2:3.6.4-1	samba_2:3.6.4-1_all.deb
Debian	999	all	samba	< 2:3.6.4-1	samba_2:3.6.4-1_all.deb
Debian	13	all	samba	< 2:3.6.4-1	samba_2:3.6.4-1_all.deb

nessus 29

openvas 41

securityvulns 3

seebug 1

oraclelinux 5

packetstorm 2

f5 2

thn 1

suse 5

cve 1

zdi 9

centos 4

freebsd 1

checkpoint_advisories 2

veracode 1

ubuntucve 1

canvas 2

debian 2

redhat 5

cisa 1

ibm 1

altlinux 2

fedora 2

prion 1

ubuntu 1

samba 1

nmap 73

nessus

Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20130221)

2013-03-05 00:00:00

openSUSE Security Update : samba (openSUSE-SU-2012:0508-1)

2014-06-13 00:00:00

Fedora 16 : samba4-4.0.0-38.alpha16.fc16 (2012-6382)

2012-05-16 00:00:00

openvas

Fedora Update for samba4 FEDORA-2012-6349

2012-05-04 00:00:00

CentOS Update for openchange CESA-2013:0515 centos6

2013-03-12 00:00:00

CentOS Update for samba4 CESA-2013:0506 centos6

2013-03-12 00:00:00

securityvulns

HP Server Automation code execution

2012-06-17 00:00:00

Samba array index overflow

2012-04-19 00:00:00

[security bulletin] HPSBMU02790 SSRT100872 rev.1 - HP Server Automation, Remote Execution of Arbitrary Code

2012-06-17 00:00:00

seebug

Samba < 3.6.3 版本ndr_pull_lsa_SidArray堆溢出漏洞(CVE-2012-1182)

2012-04-12 00:00:00

oraclelinux

samba security update

2012-04-10 00:00:00

samba security update

2012-04-16 00:00:00

openchange security, bug fix and enhancement update

2013-02-27 00:00:00

packetstorm

Samba SetInformationPolicy AuditEventsInfo Heap Overflow

2012-09-28 00:00:00

Samba 3.x Remote Root

2012-09-25 00:00:00

SOL13719 - Samba vulnerability CVE-2012-1182

2012-07-10 00:00:00

K13719 : Samba vulnerability CVE-2012-1182

2013-08-29 00:00:00

thn

Samba remote code execution vulnerability, Patch Released !

2012-04-12 12:10:00

suse

Security update for Samba (critical)

2012-04-14 10:08:19

Security update for Samba (critical)

2012-04-14 10:08:18

update for samba (critical)

2012-04-16 16:08:12

cve

CVE-2012-1182

2012-04-10 21:55:00

zdi

Samba SetInfoPolicy AuditEventsInfo Remote Code Execution Vulnerability

2012-04-18 00:00:00

Samba ndr_pull_dfs_Info3 Heap Overflow Remote Code Execution Vulnerability

2012-04-18 00:00:00

Samba ndr_ValidatePassword heap overflow Remote Code Execution Vulnerability

2012-04-18 00:00:00

centos

libsmbclient, samba security update

2012-04-10 21:30:27

samba4 security update

2013-02-27 19:38:13

evolution, openchange security update

2013-02-27 19:34:43

freebsd

samba -- "root" credential remote code execution

2012-04-10 00:00:00

checkpoint_advisories

Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)

2013-07-28 00:00:00

Samba DCE RPC IDL Parser Out-of-bounds Array Access (CVE-2012-1182)

2012-10-14 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 08:57:16

ubuntucve

CVE-2012-1182

2012-04-10 00:00:00

canvas

Immunity Canvas: CVE_2012_1182_NONX

2012-04-10 17:55:02

Immunity Canvas: CVE_2012_1182

2012-04-10 21:55:00

debian

[BSA-070] Security Update for samba

2012-04-14 08:51:02

[SECURITY] [DSA 2450-1] samba security update

2012-04-12 20:29:01

redhat

(RHSA-2012:0478) Critical: samba security update

2012-04-13 00:00:00

(RHSA-2013:0506) Moderate: samba4 security, bug fix and enhancement update

2013-02-21 00:00:00

(RHSA-2013:0515) Moderate: openchange security, bug fix and enhancement update

2013-02-21 00:00:00

cisa

Samba Releases Updates for 3.0.x - 3.6.3

2012-04-11 00:00:00

ibm

Security Bulletin: SONAS Fix Available for Samba Remote Code Execution Vulnerability (CVE-2012-1182)

2022-09-26 04:23:14

altlinux

Security fix for the ALT Linux 5 package samba version 3.0.37-alt5.M50P.1

2012-04-11 00:00:00

Security fix for the ALT Linux 6 package samba version 3.5.14-alt1.M60P.1

2012-04-11 00:00:00

fedora

[SECURITY] Fedora 16 Update: samba4-4.0.0-38.alpha16.fc16

2012-05-15 23:28:34

[SECURITY] Fedora 15 Update: samba4-4.0.0-26.alpha11.fc15.6

2012-05-03 07:32:37

prion

Input validation

2012-04-10 21:55:00

ubuntu

Samba vulnerability

2012-04-13 00:00:00

samba

"root" credential remote code execution.

2012-04-10 00:00:00

nmap

ajp-request NSE Script

2012-05-14 21:30:24

http-sitemap-generator NSE Script

2012-07-01 09:55:47

hadoop-secondary-namenode-info NSE Script

2011-11-08 16:00:16

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.494 Medium

EPSS

Percentile

97.5%

JSON

Related for DEBIANCVE:CVE-2012-1182