2 matches found
samba: crash in dcesrv_auth_bind_ack due to missing error check
Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...
PT-2014-1864 · Red Hat +1 · 389-Ds-Base +2
Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.2.11.15 through 1.2.11.25 Description: The issue allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind. This can lead to a violation of...