CVE-2012-1182

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Affected Products (NVD)
VendorProductVersion
sambasamba
𝑥
≤ 3.4.15
sambasamba
3.0.0
sambasamba
3.0.1
sambasamba
3.0.2
sambasamba
3.0.2:a
sambasamba
3.0.2a:a
sambasamba
3.0.3
sambasamba
3.0.4
sambasamba
3.0.4:rc1
sambasamba
3.0.5
sambasamba
3.0.6
sambasamba
3.0.7
sambasamba
3.0.8
sambasamba
3.0.9
sambasamba
3.0.10
sambasamba
3.0.11
sambasamba
3.0.12
sambasamba
3.0.13
sambasamba
3.0.14
sambasamba
3.0.14:a
sambasamba
3.0.14a:a
sambasamba
3.0.15
sambasamba
3.0.16
sambasamba
3.0.17
sambasamba
3.0.18
sambasamba
3.0.19
sambasamba
3.0.20
sambasamba
3.0.20:a
sambasamba
3.0.20:b
sambasamba
3.0.20a:a
sambasamba
3.0.20b:b
sambasamba
3.0.21
sambasamba
3.0.21:a
sambasamba
3.0.21:b
sambasamba
3.0.21:c
sambasamba
3.0.21a:a
sambasamba
3.0.21b:b
sambasamba
3.0.21c:c
sambasamba
3.0.22
sambasamba
3.0.23
sambasamba
3.0.23:a
sambasamba
3.0.23:b
sambasamba
3.0.23:c
sambasamba
3.0.23:d
sambasamba
3.0.23a:a
sambasamba
3.0.23b:b
sambasamba
3.0.23c:c
sambasamba
3.0.23d:d
sambasamba
3.0.24
sambasamba
3.0.25
sambasamba
3.0.25:a
sambasamba
3.0.25:b
sambasamba
3.0.25:c
sambasamba
3.0.25:pre1
sambasamba
3.0.25:pre2
sambasamba
3.0.25:rc1
sambasamba
3.0.25:rc2
sambasamba
3.0.25:rc3
sambasamba
3.0.25a:a
sambasamba
3.0.25b:b
sambasamba
3.0.25c:c
sambasamba
3.0.26
sambasamba
3.0.26:a
sambasamba
3.0.26a:a
sambasamba
3.0.27
sambasamba
3.0.27:a
sambasamba
3.0.28
sambasamba
3.0.28:a
sambasamba
3.0.29
sambasamba
3.0.30
sambasamba
3.0.31
sambasamba
3.0.32
sambasamba
3.0.33
sambasamba
3.0.34
sambasamba
3.0.35
sambasamba
3.0.36
sambasamba
3.0.37
sambasamba
3.1.0
sambasamba
3.2.0
sambasamba
3.2.1
sambasamba
3.2.2
sambasamba
3.2.3
sambasamba
3.2.4
sambasamba
3.2.5
sambasamba
3.2.6
sambasamba
3.2.7
sambasamba
3.2.8
sambasamba
3.2.9
sambasamba
3.2.10
sambasamba
3.2.11
sambasamba
3.2.12
sambasamba
3.2.13
sambasamba
3.2.14
sambasamba
3.2.15
sambasamba
3.3.0
sambasamba
3.3.1
sambasamba
3.3.2
sambasamba
3.3.3
sambasamba
3.3.4
sambasamba
3.3.5
sambasamba
3.3.6
sambasamba
3.3.7
sambasamba
3.3.8
sambasamba
3.3.9
sambasamba
3.3.10
sambasamba
3.3.11
sambasamba
3.3.12
sambasamba
3.3.13
sambasamba
3.3.14
sambasamba
3.3.15
sambasamba
3.3.16
sambasamba
3.4.0
sambasamba
3.4.1
sambasamba
3.4.2
sambasamba
3.4.3
sambasamba
3.4.4
sambasamba
3.4.5
sambasamba
3.4.6
sambasamba
3.4.7
sambasamba
3.4.8
sambasamba
3.4.9
sambasamba
3.4.10
sambasamba
3.4.11
sambasamba
3.4.12
sambasamba
3.4.13
sambasamba
3.4.14
sambasamba
3.5.0
sambasamba
3.5.1
sambasamba
3.5.2
sambasamba
3.5.3
sambasamba
3.5.4
sambasamba
3.5.5
sambasamba
3.5.6
sambasamba
3.5.7
sambasamba
3.5.8
sambasamba
3.5.9
sambasamba
3.5.10
sambasamba
3.5.11
sambasamba
3.5.12
sambasamba
3.5.13
sambasamba
3.6.0
sambasamba
3.6.1
sambasamba
3.6.2
sambasamba
3.6.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
2:4.13.13+dfsg-1~deb11u6
fixed
bullseye (security)
2:4.13.13+dfsg-1~deb11u6
fixed
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
hardy
Fixed 3.0.28a-1ubuntu4.18
released
lucid
Fixed 2:3.4.7~dfsg-1ubuntu3.9
released
maverick
ignored
natty
Fixed 2:3.5.8~dfsg-1ubuntu2.4
released
oneiric
Fixed 2:3.5.11~dfsg-1ubuntu2.2
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
evolution-mapi
RHEL 6
0:0.28.3-12.el6
fixed
evolution-mapi-devel
RHEL 6
0:0.28.3-12.el6
fixed
libsmbclient
RHEL 6
0:3.5.10-115.el6_2
fixed
libsmbclient-devel
RHEL 6
0:3.5.10-115.el6_2
fixed
openchange
RHEL 6
0:1.0-4.el6
fixed
openchange-client
RHEL 6
0:1.0-4.el6
fixed
openchange-devel
RHEL 6
0:1.0-4.el6
fixed
openchange-devel-docs
RHEL 6
0:1.0-4.el6
fixed
samba
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-client
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-common
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-doc
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-domainjoin-gui
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-swat
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-winbind
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-winbind-clients
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-winbind-devel
RHEL 6
0:3.5.10-115.el6_2
fixed
samba-winbind-krb5-locator
RHEL 6
0:3.5.10-115.el6_2
fixed
samba4
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-client
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-common
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-dc
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-dc-libs
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-devel
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-libs
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-pidl
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-python
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-swat
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-test
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-winbind
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-winbind-clients
RHEL 6
0:4.0.0-55.el6.rc4
fixed
samba4-winbind-krb5-locator
RHEL 6
0:4.0.0-55.el6.rc4
fixed
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078258.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078726.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078836.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080567.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html
http://marc.info/?l=bugtraq&m=133951282306605&w=2
http://marc.info/?l=bugtraq&m=134323086902585&w=2
http://secunia.com/advisories/48751
http://secunia.com/advisories/48754
http://secunia.com/advisories/48816
http://secunia.com/advisories/48818
http://secunia.com/advisories/48844
http://secunia.com/advisories/48873
http://secunia.com/advisories/48879
http://secunia.com/advisories/48999
http://support.apple.com/kb/HT5281
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
http://www.debian.org/security/2012/dsa-2450
http://www.mandriva.com/security/advisories?name=MDVSA-2012:055
http://www.samba.org/samba/history/samba-3.6.4.html
http://www.securitytracker.com/id?1026913
http://www.ubuntu.com/usn/USN-1423-1
https://www.samba.org/samba/security/CVE-2012-1182
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078258.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078726.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078836.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080567.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html
http://marc.info/?l=bugtraq&m=133951282306605&w=2
http://marc.info/?l=bugtraq&m=134323086902585&w=2
http://secunia.com/advisories/48751
http://secunia.com/advisories/48754
http://secunia.com/advisories/48816
http://secunia.com/advisories/48818
http://secunia.com/advisories/48844
http://secunia.com/advisories/48873
http://secunia.com/advisories/48879
http://secunia.com/advisories/48999
http://support.apple.com/kb/HT5281
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
http://www.debian.org/security/2012/dsa-2450
http://www.mandriva.com/security/advisories?name=MDVSA-2012:055
http://www.samba.org/samba/history/samba-3.6.4.html
http://www.securitytracker.com/id?1026913
http://www.ubuntu.com/usn/USN-1423-1
https://www.samba.org/samba/security/CVE-2012-1182