CVE-2013-4408

Published: 9 December 2013

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Priority

Status

Package	Release	Status
samba Launchpad, Ubuntu, Debian	lucid	Released (2:3.4.7~dfsg-1ubuntu3.13)
	precise	Released (2:3.6.3-2ubuntu2.9)
	quantal	Released (2:3.6.6-3ubuntu5.3)
	raring	Released (2:3.6.9-1ubuntu1.2)
	saucy	Released (2:3.6.18-1ubuntu3.1)
	trusty	Released (2:4.0.13+dfsg-1ubuntu1)
	upstream	Released (3.6.22)
	utopic	Released (2:4.0.13+dfsg-1ubuntu1)
	vivid	Released (2:4.0.13+dfsg-1ubuntu1)
	wily	Released (2:4.0.13+dfsg-1ubuntu1)
	xenial	Released (2:4.0.13+dfsg-1ubuntu1)
	yakkety	Released (2:4.0.13+dfsg-1ubuntu1)
	zesty	Released (2:4.0.13+dfsg-1ubuntu1)
	Patches: upstream: http://git.samba.org/?p=samba.git;a=commit;h=d485eff4c13ce3c0ab689cde56fe74ad3a0343f5 (3.6-1) upstream: http://git.samba.org/?p=samba.git;a=commit;h=b13b1426f6c309b6ff3b2b5f9e335a62fd256969 (3.6-2) upstream: http://git.samba.org/?p=samba.git;a=commit;h=4487b19619fa0fbfc64c33cd073e67ceae8563c3 (3.6-3) upstream: http://git.samba.org/?p=samba.git;a=commit;h=288337429fe8f3a830e592a53b8b12e1a060d299 (3.6-4) upstream: http://git.samba.org/?p=samba.git;a=commit;h=17667fcf49609a67ce72b6be6f922003db9befdc (3.6-5) upstream: http://git.samba.org/?p=samba.git;a=commit;h=c9d780c7d95dd8a5aaf0a87f48baed3bff046d59 (3.6-6) upstream: http://git.samba.org/?p=samba.git;a=commit;h=fc294c4842cfaea19ddcec2a5be37322ab8b5b45 (3.6-7) upstream: http://git.samba.org/?p=samba.git;a=commit;h=ba9728b86c52ad2da4d80d80edb17c07bd09be2c (3.6-8) upstream: http://git.samba.org/?p=samba.git;a=commit;h=27a751632eb3bfc3f5610314b8254d16d027c0b0 (3.6-9) upstream: http://git.samba.org/?p=samba.git;a=commit;h=9242121dcae43a736a9de5cf73c48a6dc95516f8 (3.6-10) upstream: http://git.samba.org/?p=samba.git;a=commit;h=f6d2b22ec51e025a309548224e8354bce52ea648 (3.6-11) upstream: http://git.samba.org/?p=samba.git;a=commit;h=6434d492578b37c7c97bd3f55d4fc14958bbd080 (3.6-12) upstream: http://git.samba.org/?p=samba.git;a=commit;h=4c2aa03e447b0ac7a74aecdee37205740e43bea5 (3.6-13) upstream: http://git.samba.org/?p=samba.git;a=commit;h=b915d0bd6d88f8fe725716b7654acfcb8303a2d4 (3.6-14) upstream: http://git.samba.org/?p=samba.git;a=commit;h=50e3da9992e4a43b888caa3aeadfbf5293e8281a (3.6-15)
samba4 Launchpad, Ubuntu, Debian	lucid	Ignored (end of life)
	precise	Ignored (end of life)
	quantal	Ignored (end of life)
	raring	Ignored (end of life)
	saucy	Ignored (end of life)
	trusty	Does not exist
	upstream	Released (4.0.13,4.1.3)
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›