QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-1182

Back to search

CVE-2012-1182

Published: Apr 10, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

VendorProductVersions

n/a

n/a

affected
n/a

References

MDVSA-2012:055
vendor-advisory
x_refsource_MANDRIVA
SUSE-SU-2012:0501
vendor-advisory
x_refsource_SUSE
48751
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2012:0515
vendor-advisory
x_refsource_SUSE
DSA-2450
vendor-advisory
x_refsource_DEBIAN
HPSBUX02789
vendor-advisory
x_refsource_HP
SUSE-SU-2012:0502
vendor-advisory
x_refsource_SUSE
48844
third-party-advisory
x_refsource_SECUNIA
USN-1423-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2012-5793
vendor-advisory
x_refsource_FEDORA
FEDORA-2012-5805
vendor-advisory
x_refsource_FEDORA
48816
third-party-advisory
x_refsource_SECUNIA
FEDORA-2012-5843
vendor-advisory
x_refsource_FEDORA
HPSBMU02790
vendor-advisory
x_refsource_HP
SUSE-SU-2012:0504
vendor-advisory
x_refsource_SUSE
48879
third-party-advisory
x_refsource_SECUNIA
48754
third-party-advisory
x_refsource_SECUNIA
FEDORA-2012-6382
vendor-advisory
x_refsource_FEDORA
1026913
vdb-entry
x_refsource_SECTRACK
48818
third-party-advisory
x_refsource_SECUNIA
48999
third-party-advisory
x_refsource_SECUNIA
SSRT100872
vendor-advisory
x_refsource_HP
APPLE-SA-2012-05-09-1
vendor-advisory
x_refsource_APPLE
SSRT100824
vendor-advisory
x_refsource_HP
48873
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now