Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet (CVE-2013-4124).

OSVersionArchitecturePackageVersionFilename
Mageia2noarchsamba< 3.6.5-2.3samba-3.6.5-2.3.mga2
Mageia3noarchsamba< 3.6.15-1.1samba-3.6.15-1.1.mga3

OS	Version	Architecture	Package	Version	Filename
Mageia	2	noarch	samba	< 3.6.5-2.3	samba-3.6.5-2.3.mga2
Mageia	3	noarch	samba	< 3.6.15-1.1	samba-3.6.15-1.1.mga3

References

www.samba.org/samba/security/CVE-2013-4124

bugs.mageia.org/show_bug.cgi?id=10926

nessus 31

securityvulns 3

zdt 1

openvas 42

veracode 2

samba 1

slackware 1

seebug 2

ubuntucve 1

freebsd 1

oraclelinux 4

centos 4

ubuntu 1

debiancve 1

cve 1

checkpoint_advisories 1

prion 1

altlinux 3

fedora 8

redhat 4

suse 2

exploitpack 1

exploitdb 1

gentoo 1

nessus

FreeBSD : samba -- denial of service vulnerability (e21c7c7a-0116-11e3-9e83-3c970e169bc2)

2013-08-10 00:00:00

SuSE 11.2 Security Update : Samba (SAT Patch Number 8170)

2013-09-20 00:00:00

Mandriva Linux Security Advisory : samba (MDVSA-2013:207)

2013-08-07 00:00:00

securityvulns

Samba DoS

2013-08-28 00:00:00

[ MDVSA-2013:207 ] samba

2013-08-12 00:00:00

CVE-2013-4124 samba nttrans dos private exploit

2013-08-28 00:00:00

zdt

Samba nttrans Reply - Integer Overflow Vulnerability

2013-08-22 00:00:00

openvas

Ubuntu Update for samba USN-1966-1

2013-10-03 00:00:00

Samba 3.0.0 <= 4.0.7 DoS Vulnerability (CVE-2013-4124)

2021-09-24 00:00:00

Fedora Update for samba FEDORA-2013-14312

2013-08-20 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 08:51:27

Cross-site Request Forgery (CSRF)

2019-05-02 04:58:49

samba

Denial of service - CPU loop and memory allocation.

2013-08-05 00:00:00

slackware

[slackware-security] samba

2013-08-06 07:20:57

seebug

Samba nttrans Reply - Integer Overflow Vulnerability

2014-07-01 00:00:00

Samba 本地拒绝服务漏洞(CVE-2013-4124)

2013-08-11 00:00:00

ubuntucve

CVE-2013-4124

2013-08-05 00:00:00

freebsd

samba -- denial of service vulnerability

2013-08-05 00:00:00

oraclelinux

samba4 security and bug fix update

2013-11-25 00:00:00

samba security update

2014-03-17 00:00:00

samba security, bug fix, and enhancement update

2013-11-25 00:00:00

centos

samba4 security update

2013-11-26 13:32:52

samba3x security update

2013-10-07 12:45:09

libsmbclient, samba security update

2013-11-26 13:32:51

ubuntu

Samba vulnerability

2013-09-24 00:00:00

debiancve

CVE-2013-4124

2013-08-06 02:56:00

cve

CVE-2013-4124

2013-08-06 02:56:00

checkpoint_advisories

Samba smbd read_nttrans_ea_list Infinite Allocation Loop Denial of Service (CVE-2013-4124)

2013-10-27 00:00:00

prion

Integer overflow

2013-08-06 02:56:00

altlinux

Security fix for the ALT Linux 10 package samba version 4.0.8-alt1

2013-08-07 00:00:00

Security fix for the ALT Linux 8 package samba version 4.0.8-alt1

2013-08-07 00:00:00

Security fix for the ALT Linux 8 package samba-DC version 4.0.8-alt1

2013-08-07 00:00:00

fedora

[SECURITY] Fedora 19 Update: samba-4.0.8-1.fc19

2013-08-09 17:09:31

[SECURITY] Fedora 19 Update: samba-4.0.11-1.fc19

2013-11-21 04:37:11

[SECURITY] Fedora 18 Update: samba-4.0.8-1.fc18

2013-08-15 02:50:09

redhat

(RHSA-2013:1543) Moderate: samba4 security and bug fix update

2013-11-21 00:00:00

(RHSA-2014:0305) Moderate: samba security update

2014-03-17 00:00:00

(RHSA-2013:1310) Moderate: samba3x security and bug fix update

2013-09-30 16:52:28

suse

update for samba (important)

2013-08-16 15:04:40

update for samba (important)

2013-08-14 03:08:23

exploitpack

Samba 3.5.223.6.174.0.8 - nttrans Reply Integer Overflow

2013-08-22 00:00:00

exploitdb

Samba 3.5.22/3.6.17/4.0.8 - nttrans Reply Integer Overflow

2013-08-22 00:00:00

gentoo

Samba: Multiple vulnerabilities

2015-02-25 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.969 High

EPSS

Percentile

99.7%

JSON

Related for MGASA-2013-0246