|
|
|||
| Rule General Information |
|---|
| Release Date: | 2017-08-04 | |
| Rule Name: | Samba NDR Parsing Ndr_pull_dnsp_name Integer Overflow Vulnerability (CVE-2016-2123) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An integer overflow vulnerability was found in Samba. The vulnerability is caused by incorrectly parsing crafted NDR data in the ndr_pull_dnsp_name() function, leading to an integer overflow that results in a heap buffer overflow. | |
| Impact: | An attacker can exploit the affected software with an integer overflow vulnerability. Successful exploit leads to execute arbitrary code, and failed exploit may disturb the software logic and cause denial of service. | |
| Affected OS: | Windows | |
| Reference: | SecurityTrackerID:1037493 SecurityFocusBID:94970 https://www.samba.org/samba/security/CVE-2016-2123.html https://bugzilla.redhat.com/show_bug.cgi |
|
| Solutions |
|---|
| More advisories have been published on the website, please visit for more suggestions: https://www.samba.org/samba/security/CVE-2016-2123.html |