Lucene search
AnonymousZDI-12-064HistoryApr 18, 2012 - 12:00 a.m.
Samba NDR PULL DFS EnumArray1 Heap Overflow Remote Code Execution Vulnerability
2012-04-1800:00:00
Anonymous
www.zerodayinitiative.com
35
EPSS
0.765
Percentile
98.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within Samba’s handling of a NDR PULL DFS EnumArray1 request. By sending a specially crafted packet, it is possible to cause Samba to use a different size for memory allocation than it uses for a memory copy loop. This can result in memory corruption, and may be exploited by an attacker to gain remote code execution.
Related
openvas
openvas
Ubuntu Update for samba USN-1423-1
2012-04-13 00:00:00
Ubuntu: Security Advisory (USN-1423-1)
2012-04-13 00:00:00
Fedora Update for samba4 FEDORA-2012-6349
2012-05-04 00:00:00
zdi
zdi
thn
thn
Samba remote code execution vulnerability, Patch Released !
2012-04-12 12:10:00
centos
centos
libsmbclient, samba security update
2012-04-10 21:30:27
samba4 security update
2013-02-27 19:38:13
evolution, openchange security update
2013-02-27 19:34:43
seebug
seebug
Samba < 3.6.3 版本ndr_pull_lsa_SidArray堆溢出漏洞(CVE-2012-1182)
2012-04-12 00:00:00
metasploit
metasploit
Samba SetInformationPolicy AuditEventsInfo Heap Overflow
2012-09-27 23:18:52
f5
f5
SOL13719 - Samba vulnerability CVE-2012-1182
2012-07-10 00:00:00
K13719 : Samba vulnerability CVE-2012-1182
2013-08-29 00:00:00
freebsd
freebsd
samba -- "root" credential remote code execution
2012-04-10 00:00:00
suse
suse
Security update for Samba (critical)
2012-04-14 10:08:19
Security update for Samba (critical)
2012-04-14 14:08:19
Security update for Samba (critical)
2012-04-14 14:08:17
packetstorm
packetstorm
Samba SetInformationPolicy AuditEventsInfo Heap Overflow
2012-09-28 00:00:00
Samba 3.x Remote Root
2012-09-25 00:00:00
nessus
nessus
FreeBSD : samba -- 'root' credential remote code execution (baf37cd2-8351-11e1-894e-00215c6a37bb)
2012-04-11 00:00:00
Fedora 16 : samba4-4.0.0-38.alpha16.fc16 (2012-6382)
2012-05-16 00:00:00
Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20130221)
2013-03-05 00:00:00
cvelist
cvelist
CVE-2012-1182
2012-04-10 21:00:00
cve
cve
CVE-2012-1182
2012-04-10 21:55:02
securityvulns
securityvulns
Samba array index overflow
2012-04-19 00:00:00
HP Server Automation code execution
2012-06-17 00:00:00
oraclelinux
oraclelinux
samba security update
2012-04-10 00:00:00
openchange security, bug fix and enhancement update
2013-02-27 00:00:00
samba4 security, bug fix and enhancement update
2013-02-27 00:00:00
debian
debian
[SECURITY] [DSA 2450-1] samba security update
2012-04-12 20:29:01
[BSA-070] Security Update for samba
2012-04-14 08:51:02
redhat
redhat
(RHSA-2012:0478) Critical: samba security update
2012-04-13 00:00:00
(RHSA-2013:0506) Moderate: samba4 security, bug fix and enhancement update
2013-02-21 00:00:00
ibm
ibm
cisa
cisa
Samba Releases Updates for 3.0.x - 3.6.3
2012-04-11 00:00:00
nvd
nvd
CVE-2012-1182
2012-04-10 21:55:02
canvas
canvas
Immunity Canvas: CVE_2012_1182_NONX
2012-04-10 17:55:02
Immunity Canvas: CVE_2012_1182
2012-04-10 21:55:00
checkpoint_advisories
checkpoint_advisories
Samba DCE RPC IDL Parser Out-of-bounds Array Access (CVE-2012-1182)
2012-10-14 00:00:00
Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)
2013-07-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package samba version 3.0.37-alt5.M50P.1
2012-04-11 00:00:00
Security fix for the ALT Linux 6 package samba version 3.5.14-alt1.M60P.1
2012-04-11 00:00:00
samba
samba
"root" credential remote code execution.
2012-04-10 00:00:00
prion
prion
Input validation
2012-04-10 21:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: samba4-4.0.0-38.alpha16.fc16
2012-05-15 23:28:34
[SECURITY] Fedora 15 Update: samba4-4.0.0-26.alpha11.fc15.6
2012-05-03 07:32:37
debiancve
debiancve
CVE-2012-1182
2012-04-10 21:55:02
ubuntu
ubuntu
Samba vulnerability
2012-04-13 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:57:16
ubuntucve
ubuntucve
CVE-2012-1182
2012-04-10 00:00:00
exploitdb
exploitdb
nmap
nmap
mrinfo NSE Script
2012-08-03 22:58:29
broadcast-novell-locate NSE Script
2011-06-15 06:23:30
telnet-ntlm-info NSE Script
2016-01-08 15:54:53