18 matches found
Samba NDR Parsing ndr_pull_dnsp_name Integer Overflow (CVE-2016-2123)
An integer overflow vulnerability exists in Samba. The vulnerability is due to incorrectly parsing crafted NDR data that results in an integer overflow. A remote, authenticated attacker could exploit this vulnerability by sending malicious packets to a vulnerable Samba service and could result in...
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NDR data. The issue results from the lack of proper validation of the length of...
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Description The Samba routine ndrpulldnspname contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndrpulldnspname parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory...
Scientific Linux Security Update : samba on SL5.x, SL4.x, SL3.x i386/x86_64
Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. CVE-2007-2446 Unescaped user input parameters were bein...
Ubuntu Update for samba vulnerabilities USN-460-1
Ubuntu Update for Linux kernel vulnerabilities USN-460-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4601.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for samba vulnerabilities USN-460-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Mandrake Linux Security Advisory : samba (MDKSA-2007:104-1)
A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server CVE-2007-2446. A remote...
Debian DSA-1291-1 : samba - several vulnerabilities
Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux. - CVE-2007-2444 When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a...
CentOS 3 / 4 / 5 : samba (CESA-2007:0354)
Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. Various bugs were found in NDR parsing, used to deco...
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Multiple Heap Overflows Allow Remote == Code Execution == CVE ID: CVE-2007-2446 == == Versions: Samba 3.0.0 - 3.0.25rc3 inclusive == == Summary: Various bugs in Samba's NDR...
samba security update
CentOS Errata and Security Advisory CESA-2007:0354-01 Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients...
Heap overflow
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
DEBIAN-CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
CVE-2007-2446
CVE-2007-2446 is a remote code execution vulnerability in Samba, caused by heap-based buffer overflows in the NDR parsing of the SMB/CIFS NetDFS/LSA RPC interfaces. Affected are Samba 3.0.0 through 3.0.25rc3. The flaw is triggered by crafted MS-RPC requests and affects multiple RPC operations, in...
Multiple Heap Overflows Allow Remote
Description Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Patch Availability A patch against Samba 3.0.24 has been posted at http://www.samba.org/samba/security/ Workaround There is no...
samba -- multiple vulnerabilities
The Samba Team reports: A bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB/CIFS protocol operations as root. When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal...