SMB: Samba DCE RPC IDL Parser Out-of-bounds Array Access
This signature detects attempts to exploit a known flaw in the open source project Samba. An out-of-bounds array access leading to heap memory corruption has been reported in Samba. The vulnerability is due to an error in Samba's RPC code generator. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious Server Message Block (SMB) traffic to a vulnerable server. A successful exploitation attempt may result in the execution of arbitrary code as the 'root' user.
Extended Description
Samba is prone to a remote-code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with root privileges. Failed exploit attempts will cause a denial-of-service condition. Samba versions 3.0 through 3.6.3 are vulnerable.
Affected Products
Suse suse_linux_enterprise_desktop
Short Name
SMB:SAMBA:IDL-PARSE-OOB
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
Access Array CVE-2012-1182 DCE IDL Out-of-bounds Parser RPC Samba bid:52973
Release Date
05/01/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Samba
Suse
Apple
Gentoo
Hp
Collax
Avaya
Oracle
Ubuntu
Mandriva
Debian
Ibm
CVSS Score
10.0