F5F5:K13719

HistoryAug 29, 2013 - 12:00 a.m.

K13719 : Samba vulnerability CVE-2012-1182

2013-08-2900:00:00

my.f5.com

10 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.53 Medium

EPSS

Percentile

97.3%

JSON

Security Advisory Description

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code by way of a crafted RPC call. (CVE-2012-1182)
Impact
None

CPENameOperatorVersion
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip analyticseq11.0.0
big-ip analyticseq11.1.0
big-ip analyticseq11.2.0
big-ip analyticseq11.2.1
big-ip analyticseq11.3.0
big-ip analyticseq11.4.0
big-ip aameq11.4.0
big-ip apmeq10.1.0

Name	Operator	Version
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip analytics	eq	11.0.0
big-ip analytics	eq	11.1.0
big-ip analytics	eq	11.2.0
big-ip analytics	eq	11.2.1
big-ip analytics	eq	11.3.0
big-ip analytics	eq	11.4.0
big-ip aam	eq	11.4.0
big-ip apm	eq	10.1.0

Rows per page:

1-10 of 2491

oraclelinux 5

canvas 2

openvas 43

redhat 5

debian 2

cisa 1

packetstorm 2

ibm 1

nessus 30

centos 4

zdi 9

fedora 3

prion 1

altlinux 2

ubuntu 1

debiancve 1

samba 1

checkpoint_advisories 2

suse 5

veracode 1

securityvulns 3

ubuntucve 1

seebug 1

f5 1

thn 1

freebsd 1

cve 1

nmap 69

oraclelinux

openchange security, bug fix and enhancement update

2013-02-27 00:00:00

samba3x security update

2012-04-10 00:00:00

samba4 security, bug fix and enhancement update

2013-02-27 00:00:00

canvas

Immunity Canvas: CVE_2012_1182_NONX

2012-04-10 17:55:02

Immunity Canvas: CVE_2012_1182

2012-04-10 21:55:00

openvas

FreeBSD Ports: samba34

2012-04-30 00:00:00

CentOS Update for openchange CESA-2013:0515 centos6

2013-03-12 00:00:00

CentOS Update for libsmbclient CESA-2012:0465 centos5

2012-07-30 00:00:00

redhat

(RHSA-2012:0478) Critical: samba security update

2012-04-13 00:00:00

(RHSA-2012:0466) Critical: samba3x security update

2012-04-10 00:00:00

(RHSA-2013:0506) Moderate: samba4 security, bug fix and enhancement update

2013-02-21 00:00:00

debian

[BSA-070] Security Update for samba

2012-04-14 08:51:02

[SECURITY] [DSA 2450-1] samba security update

2012-04-12 20:29:01

cisa

Samba Releases Updates for 3.0.x - 3.6.3

2012-04-11 00:00:00

packetstorm

Samba 3.x Remote Root

2012-09-25 00:00:00

Samba SetInformationPolicy AuditEventsInfo Heap Overflow

2012-09-28 00:00:00

ibm

Security Bulletin: SONAS Fix Available for Samba Remote Code Execution Vulnerability (CVE-2012-1182)

2022-09-26 04:23:14

nessus

Oracle Solaris Third-Party Patch Update : samba (cve_2012_1182_arbitrary_code)

2015-01-19 00:00:00

Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 : samba vulnerability (USN-1423-1)

2012-04-13 00:00:00

Oracle Linux 4 : samba (ELSA-2012-0478)

2013-07-12 00:00:00

centos

samba4 security update

2013-02-27 19:38:13

evolution, openchange security update

2013-02-27 19:34:43

samba3x security update

2012-04-10 21:13:02

zdi

Samba NDR PULL LSA TrustDomainInfoControllers Heap Overflow Remote Code Execution Vulnerability

2012-04-18 00:00:00

Samba NDR PULL DFS EnumArray1 Heap Overflow Remote Code Execution Vulnerability

2012-04-18 00:00:00

Samba NDR PULL SVCCTL StartServiceW Heap Overflow Remote Code Execution Vulnerability

2012-04-18 00:00:00

fedora

[SECURITY] Fedora 16 Update: samba4-4.0.0-38.alpha16.fc16

2012-05-15 23:28:34

[SECURITY] Fedora 15 Update: samba4-4.0.0-26.alpha11.fc15.6

2012-05-03 07:32:37

[SECURITY] Fedora 17 Update: samba-3.6.4-82.fc17.1

2012-04-18 23:09:23

prion

Input validation

2012-04-10 21:55:00

altlinux

Security fix for the ALT Linux 6 package samba version 3.5.14-alt1.M60P.1

2012-04-11 00:00:00

Security fix for the ALT Linux 5 package samba version 3.0.37-alt5.M50P.1

2012-04-11 00:00:00

ubuntu

Samba vulnerability

2012-04-13 00:00:00

debiancve

CVE-2012-1182

2012-04-10 21:55:00

samba

"root" credential remote code execution.

2012-04-10 00:00:00

checkpoint_advisories

Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)

2013-07-28 00:00:00

Samba DCE RPC IDL Parser Out-of-bounds Array Access (CVE-2012-1182)

2012-10-14 00:00:00

suse

Security update for Samba (critical)

2012-04-14 10:08:18

update for samba (critical)

2012-04-16 16:08:12

Security update for Samba (critical)

2012-04-14 10:08:19

veracode

Remote Code Execution (RCE)

2019-01-15 08:57:16

securityvulns

[security bulletin] HPSBMU02790 SSRT100872 rev.1 - HP Server Automation, Remote Execution of Arbitrary Code

2012-06-17 00:00:00

HP Server Automation code execution

2012-06-17 00:00:00

Samba array index overflow

2012-04-19 00:00:00

ubuntucve

CVE-2012-1182

2012-04-10 00:00:00

seebug

Samba < 3.6.3 版本ndr_pull_lsa_SidArray堆溢出漏洞(CVE-2012-1182)

2012-04-12 00:00:00

SOL13719 - Samba vulnerability CVE-2012-1182

2012-07-10 00:00:00

thn

Samba remote code execution vulnerability, Patch Released !

2012-04-12 12:10:00

freebsd

samba -- "root" credential remote code execution

2012-04-10 00:00:00

cve

CVE-2012-1182

2012-04-10 21:55:00

nmap

smb-mbenum NSE Script

2011-06-19 18:47:19

openvas-otp-brute NSE Script

2011-11-10 20:50:04

modbus-discover NSE Script

2010-12-16 08:59:16

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.53 Medium

EPSS

Percentile

97.3%

JSON

Related for F5:K13719