CVE Database

CVE-2012-1182

Impact: Critical
Public: 2012-04-10
CWE: CWE-228->CWE-122
Bugzilla: 804093: CVE-2012-1182 samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

Details

The MITRE CVE dictionary describes this issue as:

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Find out more about CVE-2012-1182 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue affects the version of samba4, openchange and evolution-mapi packages as shipped with Red Hat Enterprise Linux 6. A future security update may address this flaw.

CVSS v2 metrics

Base Score: 8.3
Base Metrics: AV:A/AC:L/Au:N/C:C/I:C/A:C
Access Vector: Adjacent Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Complete
Integrity Impact: Complete
Availability Impact: Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux ES (v. 4 ELS) (samba) RHSA-2012:0478 April 13, 2012
Red Hat Enterprise Linux EUS (v. 5.6 server) (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux EUS (v. 5.6 server) (samba3x) RHSA-2012:0466 April 10, 2012
Red Hat Enterprise Linux Long Life (v. 5.3 server) (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux Server EUS (v. 6.0) (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux Server EUS (v. 6.1) (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux version 5 (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux version 5 (samba3x) RHSA-2012:0466 April 10, 2012
Red Hat Enterprise Linux version 6 RHSA-2013:0515 February 20, 2013
Red Hat Enterprise Linux version 6 (samba) RHSA-2012:0465 April 10, 2012
Red Hat Enterprise Linux version 6 (samba4) RHSA-2013:0506 February 20, 2013

External References

http://www.samba.org/samba/history/samba-3.6.4.html

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.