Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMB:SAMBA:SETINFOPOLICY-HEAP

Severity

 Critical

Recommended

 Yes

Recommended Action

 Drop

Category

 SMB

Keywords

 Samba SetInformationPolicy AuditEventsInfo Heap Overflow

Release Date

 2013/03/21

Update Number

 2247

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMB: Samba SetInformationPolicy AuditEventsInfo Heap Overflow


This signature detects attempts to exploit a known vulnerability against Samba daemon. A successful attack can lead to a heap overflow and finally execute arbitrary code with root privileges.

Extended Description

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Affected Products

  • samba 3.0.0
  • samba 3.0.1
  • samba 3.0.10
  • samba 3.0.11
  • samba 3.0.12
  • samba 3.0.13
  • samba 3.0.14a
  • samba 3.0.14 (a)
  • samba 3.0.15
  • samba 3.0.16
  • samba 3.0.17
  • samba 3.0.18
  • samba 3.0.19
  • samba 3.0.20a
  • samba 3.0.20 (a)
  • samba 3.0.20b
  • samba 3.0.20 (b)
  • samba 3.0.21a
  • samba 3.0.21 (a)
  • samba 3.0.21b
  • samba 3.0.21 (b)
  • samba 3.0.21c
  • samba 3.0.21 (c)
  • samba 3.0.22
  • samba 3.0.23a
  • samba 3.0.23 (a)
  • samba 3.0.23b
  • samba 3.0.23 (b)
  • samba 3.0.23c
  • samba 3.0.23 (c)
  • samba 3.0.23d
  • samba 3.0.23 (d)
  • samba 3.0.24
  • samba 3.0.25a
  • samba 3.0.25 (a)
  • samba 3.0.25b
  • samba 3.0.25 (b)
  • samba 3.0.25c
  • samba 3.0.25 (c)
  • samba 3.0.25 (pre1)
  • samba 3.0.25 (pre2)
  • samba 3.0.25 (rc1)
  • samba 3.0.25 (rc2)
  • samba 3.0.25 (rc3)
  • samba 3.0.26a
  • samba 3.0.26 (a)
  • samba 3.0.27 (a)
  • samba 3.0.28 (a)
  • samba 3.0.29
  • samba 3.0.2a
  • samba 3.0.2 (a)
  • samba 3.0.3
  • samba 3.0.30
  • samba 3.0.31
  • samba 3.0.32
  • samba 3.0.33
  • samba 3.0.34
  • samba 3.0.35
  • samba 3.0.36
  • samba 3.0.37
  • samba 3.0.4 (rc1)
  • samba 3.0.5
  • samba 3.0.6
  • samba 3.0.7
  • samba 3.0.8
  • samba 3.0.9
  • samba 3.1
  • samba 3.2.0
  • samba 3.2.1
  • samba 3.2.10
  • samba 3.2.11
  • samba 3.2.12
  • samba 3.2.13
  • samba 3.2.14
  • samba 3.2.15
  • samba 3.2.2
  • samba 3.2.3
  • samba 3.2.4
  • samba 3.2.5
  • samba 3.2.6
  • samba 3.2.7
  • samba 3.2.8
  • samba 3.2.9
  • samba 3.3.0
  • samba 3.3.1
  • samba 3.3.10
  • samba 3.3.11
  • samba 3.3.12
  • samba 3.3.13
  • samba 3.3.14
  • samba 3.3.15
  • samba 3.3.16
  • samba 3.3.2
  • samba 3.3.3
  • samba 3.3.4
  • samba 3.3.5
  • samba 3.3.6
  • samba 3.3.7
  • samba 3.3.8
  • samba 3.3.9
  • samba 3.4.0
  • samba 3.4.1
  • samba 3.4.10
  • samba 3.4.11
  • samba 3.4.12
  • samba 3.4.13
  • samba 3.4.14
  • samba 3.4.2
  • samba 3.4.3
  • samba 3.4.4
  • samba 3.4.5
  • samba 3.4.6
  • samba 3.4.7
  • samba 3.4.8
  • samba 3.4.9
  • samba 3.5.0
  • samba 3.5.1
  • samba 3.5.10
  • samba 3.5.11
  • samba 3.5.12
  • samba 3.5.13
  • samba 3.5.2
  • samba 3.5.3
  • samba 3.5.4
  • samba 3.5.5
  • samba 3.5.6
  • samba 3.5.7
  • samba 3.5.8
  • samba 3.5.9
  • samba 3.6.0
  • samba 3.6.1
  • samba 3.6.2
  • samba 3.6.3
  • samba up to 3.4.15

References

  • CVE: CVE-2012-1182
  • URL: https://www.samba.org/samba/security/CVE-2012-1182

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out