CVE-2013-4408

Published: 9 December 2013

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Priority

Status

Package	Release	Status
samba Launchpad, Ubuntu, Debian	lucid	Released (2:3.4.7~dfsg-1ubuntu3.13)
	precise	Released (2:3.6.3-2ubuntu2.9)
	quantal	Released (2:3.6.6-3ubuntu5.3)
	raring	Released (2:3.6.9-1ubuntu1.2)
	saucy	Released (2:3.6.18-1ubuntu3.1)
	trusty	Released (2:4.0.13+dfsg-1ubuntu1)
	upstream	Released (3.6.22)
	utopic	Released (2:4.0.13+dfsg-1ubuntu1)
	vivid	Released (2:4.0.13+dfsg-1ubuntu1)
	wily	Released (2:4.0.13+dfsg-1ubuntu1)
	xenial	Released (2:4.0.13+dfsg-1ubuntu1)
	yakkety	Released (2:4.0.13+dfsg-1ubuntu1)
	zesty	Released (2:4.0.13+dfsg-1ubuntu1)
	Patches: upstream: http://git.samba.org/?p=samba.git;a=commit;h=d485eff4c13ce3c0ab689cde56fe74ad3a0343f5 (3.6-1) upstream: http://git.samba.org/?p=samba.git;a=commit;h=b13b1426f6c309b6ff3b2b5f9e335a62fd256969 (3.6-2) upstream: http://git.samba.org/?p=samba.git;a=commit;h=4487b19619fa0fbfc64c33cd073e67ceae8563c3 (3.6-3) upstream: http://git.samba.org/?p=samba.git;a=commit;h=288337429fe8f3a830e592a53b8b12e1a060d299 (3.6-4) upstream: http://git.samba.org/?p=samba.git;a=commit;h=17667fcf49609a67ce72b6be6f922003db9befdc (3.6-5) upstream: http://git.samba.org/?p=samba.git;a=commit;h=c9d780c7d95dd8a5aaf0a87f48baed3bff046d59 (3.6-6) upstream: http://git.samba.org/?p=samba.git;a=commit;h=fc294c4842cfaea19ddcec2a5be37322ab8b5b45 (3.6-7) upstream: http://git.samba.org/?p=samba.git;a=commit;h=ba9728b86c52ad2da4d80d80edb17c07bd09be2c (3.6-8) upstream: http://git.samba.org/?p=samba.git;a=commit;h=27a751632eb3bfc3f5610314b8254d16d027c0b0 (3.6-9) upstream: http://git.samba.org/?p=samba.git;a=commit;h=9242121dcae43a736a9de5cf73c48a6dc95516f8 (3.6-10) upstream: http://git.samba.org/?p=samba.git;a=commit;h=f6d2b22ec51e025a309548224e8354bce52ea648 (3.6-11) upstream: http://git.samba.org/?p=samba.git;a=commit;h=6434d492578b37c7c97bd3f55d4fc14958bbd080 (3.6-12) upstream: http://git.samba.org/?p=samba.git;a=commit;h=4c2aa03e447b0ac7a74aecdee37205740e43bea5 (3.6-13) upstream: http://git.samba.org/?p=samba.git;a=commit;h=b915d0bd6d88f8fe725716b7654acfcb8303a2d4 (3.6-14) upstream: http://git.samba.org/?p=samba.git;a=commit;h=50e3da9992e4a43b888caa3aeadfbf5293e8281a (3.6-15)
samba4 Launchpad, Ubuntu, Debian	lucid	Ignored (reached end-of-life)
	precise	Does not exist (precise was needed)
	quantal	Ignored (reached end-of-life)
	raring	Ignored (reached end-of-life)
	saucy	Ignored (reached end-of-life)
	trusty	Does not exist
	upstream	Released (4.0.13,4.1.3)
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›