Signature Detail
Short Name |
SMB:SAMBA:IDL-PARSE-OOB |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Samba DCE RPC IDL Parser Out-of-bounds Array Access |
Release Date |
2012/05/01 |
Update Number |
2127 |
Supported Platforms |
idp-4.1.110110609+, isg-3.4.139899+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Samba DCE RPC IDL Parser Out-of-bounds Array Access
This signature detects attempts to exploit a known flaw in the open source project Samba. An out-of-bounds array access leading to heap memory corruption has been reported in Samba. The vulnerability is due to an error in Samba's RPC code generator. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious Server Message Block (SMB) traffic to a vulnerable server. A successful exploitation attempt may result in the execution of arbitrary code as the 'root' user.
Extended Description
Samba is prone to a remote-code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with root privileges. Failed exploit attempts will cause a denial-of-service condition. Samba versions 3.0 through 3.6.3 are vulnerable.
Affected Products
- Apple Mac Os X 10.6.5
- Apple Mac Os X 10.6.6
- Apple Mac Os X 10.6.7
- Apple Mac Os X 10.6.8
- Apple Mac OS X 10.6
- Apple Mac OS X 10.6.1
- Apple Mac OS X 10.6.2
- Apple Mac OS X 10.6.3
- Apple Mac OS X 10.6.4
- Apple Mac OS X 10.6.5
- Apple Mac Os X Server 10.6.7
- Apple Mac Os X Server 10.6.8
- Apple Mac OS X Server 10.6
- Apple Mac OS X Server 10.6.1
- Apple Mac OS X Server 10.6.2
- Apple Mac OS X Server 10.6.3
- Apple Mac OS X Server 10.6.4
- Apple Mac OS X Server 10.6.5
- Apple Mac OS X Server 10.6.5
- Apple Mac OS X Server 10.6.6
- Avaya Aura System Manager 5.2
- Avaya Aura System Manager 6.0
- Avaya Aura System Manager 6.0 SP1
- Avaya Aura System Manager 6.1
- Avaya Aura System Manager 6.1.1
- Avaya Aura System Manager 6.1.2
- Avaya Aura System Manager 6.1.3
- Avaya Aura System Manager 6.1 Sp1
- Avaya Aura System Manager 6.1 SP2
- Avaya Aura System Manager 6.2
- Avaya IP Office Application Server 8.0
- Avaya IQ 4.0
- Avaya IQ 4.1.0
- Avaya IQ 4.2
- Avaya Messaging Storage Server 5.0
- Avaya Messaging Storage Server 5.1
- Avaya Messaging Storage Server 5.1 SP1
- Avaya Messaging Storage Server 5.1 SP2
- Avaya Messaging Storage Server 5.2
- Avaya Messaging Storage Server 5.2.2
- Avaya Messaging Storage Server 5.2.8
- Avaya Messaging Storage Server 5.2 SP1
- Avaya Messaging Storage Server 5.2 SP2
- Avaya Messaging Storage Server 5.2 SP3
- Collax Collax Business Server 5.5.0
- Debian Linux 6.0 amd64
- Debian Linux 6.0 arm
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 mips
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 sparc
- Gentoo Linux
- HP HP-UX B.11.23
- HP HP-UX B.11.31
- HP Server Automation 7.8
- HP Server Automation 9.0
- HP Server Automation 9.1
- IBM Scale Out Network Attached Storage 1.1
- IBM Scale Out Network Attached Storage 1.3.0.4
- IBM Storwize V7000 Unified 1.3.0.0
- IBM Storwize V7000 Unified 1.3.0.5
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- Oracle Enterprise Linux 4
- Oracle Enterprise Linux 5
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Optional 6
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux EUS 5.6.z server
- Red Hat Enterprise Linux HPC Node 6
- Red Hat Enterprise Linux HPC Node Optional 6
- Red Hat Enterprise Linux Long Life 5.3 Server
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server EUS 6.0
- Red Hat Enterprise Linux Server EUS 6.1.z
- Red Hat Enterprise Linux Server Optional 6
- Red Hat Enterprise Linux Server Optional 6.0.z
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Optional 6
- Red Hat Fedora 15
- Red Hat Fedora 16
- Red Hat Fedora 17
- Samba 3.0.0
- Samba 3.0.0 Alpha
- Samba 3.0.1
- Samba 3.0.10
- Samba 3.0.11
- Samba 3.0.12
- Samba 3.0.13
- Samba 3.0.14
- Samba 3.0.14A
- Samba 3.0.14 A
- Samba 3.0.15
- Samba 3.0.16
- Samba 3.0.17
- Samba 3.0.18
- Samba 3.0.19
- Samba 3.0.2
- Samba 3.0.20
- Samba 3.0.20A
- Samba 3.0.20 A
- Samba 3.0.20B
- Samba 3.0.20 B
- Samba 3.0.21
- Samba 3.0.21A
- Samba 3.0.21 A
- Samba 3.0.21B
- Samba 3.0.21 B
- Samba 3.0.21C
- Samba 3.0.21 C
- Samba 3.0.22
- Samba 3.0.23
- Samba 3.0.23A
- Samba 3.0.23 A
- Samba 3.0.23B
- Samba 3.0.23 B
- Samba 3.0.23C
- Samba 3.0.23 C
- Samba 3.0.23D
- Samba 3.0.23 D
- Samba 3.0.24
- Samba 3.0.25
- Samba 3.0.25A
- Samba 3.0.25 A
- Samba 3.0.25B
- Samba 3.0.25 B
- Samba 3.0.25C
- Samba 3.0.25 C
- Samba 3.0.25 Pre1
- Samba 3.0.25 Pre2
- Samba 3.0.25 Rc1
- Samba 3.0.25 Rc2
- Samba 3.0.25 Rc3
- Samba 3.0.26
- Samba 3.0.26A
- Samba 3.0.26 A
- Samba 3.0.27
- Samba 3.0.27A
- Samba 3.0.27 A
- Samba 3.0.28
- Samba 3.0.28A
- Samba 3.0.28 A
- Samba 3.0.29
- Samba 3.0.2 A
- Samba 3.0.2 A
- Samba 3.0.3
- Samba 3.0.30
- Samba 3.0.31
- Samba 3.0.32
- Samba 3.0.33
- Samba 3.0.34
- Samba 3.0.35
- Samba 3.0.36
- Samba 3.0.37
- Samba 3.0.4
- Samba 3.0.4 -R1
- Samba 3.0.4 Rc1
- Samba 3.0.5
- Samba 3.0.6
- Samba 3.0.7
- Samba 3.0.8
- Samba 3.0.9
- Samba 3.1
- Samba 3.2.0
- Samba 3.2.1
- Samba 3.2.10
- Samba 3.2.11
- Samba 3.2.12
- Samba 3.2.13
- Samba 3.2.14
- Samba 3.2.15
- Samba 3.2.2
- Samba 3.2.3
- Samba 3.2.4
- Samba 3.2.5
- Samba 3.2.6
- Samba 3.2.7
- Samba 3.2.8
- Samba 3.2.9
- Samba 3.3.0
- Samba 3.3.1
- Samba 3.3.10
- Samba 3.3.11
- Samba 3.3.12
- Samba 3.3.13
- Samba 3.3.14
- Samba 3.3.15
- Samba 3.3.16
- Samba 3.3.2
- Samba 3.3.3
- Samba 3.3.4
- Samba 3.3.5
- Samba 3.3.6
- Samba 3.3.7
- Samba 3.3.8
- Samba 3.3.9
- Samba 3.4.0
- Samba 3.4.1
- Samba 3.4.10
- Samba 3.4.11
- Samba 3.4.12
- Samba 3.4.13
- Samba 3.4.14
- Samba 3.4.2
- Samba 3.4.3
- Samba 3.4.4
- Samba 3.4.5
- Samba 3.4.6
- Samba 3.4.7
- Samba 3.4.8
- Samba 3.4.9
- Samba 3.5
- Samba 3.5.0
- Samba 3.5.1
- Samba 3.5.10
- Samba 3.5.11
- Samba 3.5.2
- Samba 3.5.3
- Samba 3.5.4
- Samba 3.5.5
- Samba 3.5.6
- Samba 3.5.7
- Samba 3.5.8
- Samba 3.5.9
- Samba 3.5.9
- Samba 3.6.0
- Samba 3.6.0
- Samba 3.6.1
- Samba 3.6.2
- Samba 3.6.3
- SuSE CORE 9
- SuSE openSUSE 11.4
- SuSE openSUSE 12.1
- SuSE SUSE CORE 9 for x86
- SuSE SUSE Linux Enterprise Desktop 10 SP4
- SuSE SUSE Linux Enterprise Desktop 11 SP1
- SuSE SUSE Linux Enterprise Desktop 11 SP2
- SuSE SUSE Linux Enterprise SDK 10 SP4
- SuSE SUSE Linux Enterprise SDK 11 SP1
- SuSE SUSE Linux Enterprise SDK 11 SP2
- SuSE SUSE Linux Enterprise Server 10 GPLv3 Extras
- SuSE SUSE Linux Enterprise Server 10 SP2
- SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
- SuSE SUSE Linux Enterprise Server 10 SP4
- SuSE SUSE Linux Enterprise Server 11 SP1
- SuSE SUSE Linux Enterprise Server 11 SP2
- SuSE SUSE Linux Enterprise Server for VMware 11 SP1
- SuSE SUSE Linux Enterprise Server for VMware 11 SP2
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 ARM
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 11.04 amd64
- Ubuntu Ubuntu Linux 11.04 ARM
- Ubuntu Ubuntu Linux 11.04 i386
- Ubuntu Ubuntu Linux 11.04 powerpc
- Ubuntu Ubuntu Linux 11.10 amd64
- Ubuntu Ubuntu Linux 11.10 i386
- Ubuntu Ubuntu Linux 8.04 LTS Amd64
- Ubuntu Ubuntu Linux 8.04 LTS I386
- Ubuntu Ubuntu Linux 8.04 LTS Lpia
- Ubuntu Ubuntu Linux 8.04 LTS Powerpc
- Ubuntu Ubuntu Linux 8.04 LTS Sparc
References
- BugTraq: 52973
- CVE: CVE-2012-1182