Vulnerabilities > CVE-2013-4124 - Numeric Errors vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Samba nttrans Reply - Integer Overflow Vulnerability. CVE-2013-4124. Dos exploit for linux platform |
id | EDB-ID:27778 |
last seen | 2016-02-03 |
modified | 2013-08-22 |
published | 2013-08-22 |
reporter | x90c |
source | https://www.exploit-db.com/download/27778/ |
title | Samba nttrans Reply - Integer Overflow Vulnerability |
Metasploit
description | Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. Important Note: in order to work, the "ea support" option on the target share must be enabled. |
id | MSF:AUXILIARY/DOS/SAMBA/READ_NTTRANS_EA_LIST |
last seen | 2020-03-06 |
modified | 2017-07-24 |
published | 2013-08-28 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/samba/read_nttrans_ea_list.rb |
title | Samba read_nttrans_ea_list Integer Overflow |
Nessus
NASL family Scientific Linux Local Security Checks NASL id SL_20140317_SAMBA_ON_SL5_X.NASL description It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-03-18 modified 2014-03-18 plugin id 73074 published 2014-03-18 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73074 title Scientific Linux Security Update : samba on SL5.x i386/x86_64 (20140317) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_E21C7C7A011611E39E833C970E169BC2.NASL description The Samba project reports : All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. last seen 2020-06-01 modified 2020-06-02 plugin id 69293 published 2013-08-10 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69293 title FreeBSD : samba -- denial of service vulnerability (e21c7c7a-0116-11e3-9e83-3c970e169bc2) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-207.NASL description A vulnerability has been found and corrected in samba : Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet (CVE-2013-4124). The updated packages for Enterprise Server 5.2 has been patched to correct this issue. The updated packages for Business Server 1 has been upgraded to the 3.6.17 version which resolves many upstream bugs and is not vulnerable to this issue. Additionally the libtevent packages are being provided which is a requirement since samba 3.6.16. last seen 2020-06-01 modified 2020-06-02 plugin id 69230 published 2013-08-07 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69230 title Mandriva Linux Security Advisory : samba (MDVSA-2013:207) NASL family SuSE Local Security Checks NASL id SUSE_11_CIFS-MOUNT-130807.NASL description The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124). Additionally, the following stability fixes are included in this update : - Fix libreplace license ambiguity. (bnc#765270) - Document idmap_ad rfc2307 attribute requirements. (bnc#820531) - The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20. (bnc#806501). last seen 2020-06-05 modified 2013-09-20 plugin id 70019 published 2013-09-20 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70019 title SuSE 11.3 Security Update : Samba (SAT Patch Number 8171) NASL family Scientific Linux Local Security Checks NASL id SL_20130930_SAMBA3X_ON_SL5_X.NASL description It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-03-18 modified 2013-10-11 plugin id 70390 published 2013-10-11 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70390 title Scientific Linux Security Update : samba3x on SL5.x i386/x86_64 (20130930) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1543.NASL description Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. This update fixes the following bugs : * When Samba was installed in the build root directory, the RPM target might not have existed. Consequently, the find-debuginfo.sh script did not create symbolic links for the libwbclient.so.debug module associated with the target. With this update, the paths to the symbolic links are relative so that the symbolic links are now created correctly. (BZ#882338) * Previously, the samba4 packages were missing a dependency for the libreplace.so module which could lead to installation failures. With this update, the missing dependency has been added to the dependency list of the samba4 packages and installation now proceeds as expected. (BZ#911264) All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 71003 published 2013-11-21 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71003 title RHEL 6 : samba4 (RHSA-2013:1543) NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-644.NASL description This update of samba fixed the following issues : - The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20; (bnc#806501). - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections; CVE-2013-4124; (bnc#829969). - PIDL: fix parsing linemarkers in preprocessor output; (bso#9636). - build:autoconf: fix output of syslog-facility check; (bso#9983). - libreplace: add a missing last seen 2020-06-05 modified 2014-06-13 plugin id 75116 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75116 title openSUSE Security Update : samba (openSUSE-SU-2013:1339-1) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2013-218-03.NASL description New samba packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 69226 published 2013-08-07 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69226 title Slackware 13.1 / 13.37 / 14.0 / current : samba (SSA:2013-218-03) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1542.NASL description Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 79159 published 2014-11-12 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79159 title CentOS 6 : samba (CESA-2013:1542) NASL family SuSE Local Security Checks NASL id SUSE_SU-2014-0723-1.NASL description This is a LTSS roll-up update for the Samba Server suite fixing multiple security issues and bugs. Security issues fixed : - CVE-2013-4496: Password lockout was not enforced for SAMR password changes, leading to brute force possibility. - CVE-2013-4408: DCE-RPC fragment length field is incorrectly checked. - CVE-2013-4124: Samba was affected by a denial of service attack on authenticated or guest connections. - CVE-2013-0214: The SWAT webadministration was affected by a cross site scripting attack (XSS). - CVE-2013-0213: The SWAT webadministration could possibly be used in clickjacking attacks. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-05-20 plugin id 83623 published 2015-05-20 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83623 title SUSE SLES11 Security Update : Samba (SUSE-SU-2014:0723-1) NASL family Scientific Linux Local Security Checks NASL id SL_20131121_SAMBA_ON_SL6_X.NASL description It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-03-18 modified 2013-12-04 plugin id 71201 published 2013-12-04 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71201 title Scientific Linux Security Update : samba on SL6.x i386/x86_64 (20131121) NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-651.NASL description This update of samba fixed the following issues : - The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20; (bnc#806501). - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections; CVE-2013-4124; (bnc#829969). - PIDL: fix parsing linemarkers in preprocessor output; (bso#9636). - build:autoconf: fix output of syslog-facility check; (bso#9983). - libreplace: add a missing last seen 2020-06-05 modified 2014-06-13 plugin id 75121 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75121 title openSUSE Security Update : samba (openSUSE-SU-2013:1349-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1966-1.NASL description Jeremy Allison discovered that Samba incorrectly handled certain extended attribute lists. A remote attacker could use this issue to cause Samba to hang, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 70116 published 2013-09-25 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70116 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : samba vulnerability (USN-1966-1) NASL family Fedora Local Security Checks NASL id FEDORA_2013-14312.NASL description Update to 4.0.8 (CVE-2013-4124). Fix location of the Kerberos credentials cache. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-08-10 plugin id 69291 published 2013-08-10 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69291 title Fedora 19 : samba-4.0.8-1.fc19 (2013-14312) NASL family Misc. NASL id SAMBA_4_0_8.NASL description According to its banner, the version of Samba running on the remote host is 3.x prior to 3.5.22, 3.6.x prior to 3.6.17 or 4.0.x prior to 4.0.8. It is, therefore, potentially affected by a denial of service vulnerability. An integer overflow error exists in the function last seen 2020-06-01 modified 2020-06-02 plugin id 69276 published 2013-08-08 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69276 title Samba 3.x < 3.5.22 / 3.6.x < 3.6.17 / 4.0.x < 4.0.8 read_nttrans_ea_lis DoS NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201502-15.NASL description The remote host is affected by the vulnerability described in GLSA-201502-15 (Samba: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, bypass intended file restrictions, or obtain sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 81536 published 2015-02-26 reporter This script is Copyright (C) 2015-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81536 title GLSA-201502-15 : Samba: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0305.NASL description Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 73072 published 2014-03-18 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73072 title RHEL 5 : samba (RHSA-2014:0305) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1310.NASL description From Red Hat Security Advisory 2013:1310 : Updated samba3x packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 70346 published 2013-10-09 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70346 title Oracle Linux 5 : samba3x (ELSA-2013-1310) NASL family SuSE Local Security Checks NASL id SUSE_11_CIFS-MOUNT-130806.NASL description The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124). Additionally, the following stability fixes are included in this update : - Do not restart the smbfs service on pre-11.3 systems during dhcp lease renewal when the IP address remains the same. (bnc#800782) - Fix smbclient recursive mget EPERM handling. (bnc#786350) - Fix SMB1 Session Setup AndX handling with a large krb PAC. (bnc#802031) - Fix periodic printcap cache reloads. (bnc#807334) - Fix AD printer publishing. (bnc#798856) - Add extra attributes for AD printer publishing. (bnc#798856) - Fix is_printer_published GUID retrieval. (bnc#798856) - Fix vfs_catia module. (bnc#824833) - Don last seen 2020-06-05 modified 2013-09-20 plugin id 70018 published 2013-09-20 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70018 title SuSE 11.2 Security Update : Samba (SAT Patch Number 8170) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1542.NASL description From Red Hat Security Advisory 2013:1542 : Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 71103 published 2013-11-27 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71103 title Oracle Linux 6 : samba (ELSA-2013-1542) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0305.NASL description From Red Hat Security Advisory 2014:0305 : Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 73070 published 2014-03-18 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73070 title Oracle Linux 5 : samba (ELSA-2014-0305) NASL family Fedora Local Security Checks NASL id FEDORA_2014-9132.NASL description Update to Samba 4.0.21. CVE-2014-3560. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-08-20 plugin id 77268 published 2014-08-20 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77268 title Fedora 19 : samba-4.0.21-1.fc19 (2014-9132) NASL family Scientific Linux Local Security Checks NASL id SL_20131121_SAMBA4_ON_SL6_X.NASL description An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. This update fixes the following bugs : - When Samba was installed in the build root directory, the RPM target might not have existed. Consequently, the find-debuginfo.sh script did not create symbolic links for the libwbclient.so.debug module associated with the target. With this update, the paths to the symbolic links are relative so that the symbolic links are now created correctly. - Previously, the samba4 packages were missing a dependency for the libreplace.so module which could lead to installation failures. With this update, the missing dependency has been added to the dependency list of the samba4 packages and installation now proceeds as expected. last seen 2020-03-18 modified 2013-12-04 plugin id 71200 published 2013-12-04 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71200 title Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20131121) NASL family Solaris Local Security Checks NASL id SOLARIS11_SAMBA_20140102.NASL description The remote Solaris system is missing necessary patches to address security updates : - Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. (CVE-2013-4124) last seen 2020-06-01 modified 2020-06-02 plugin id 80764 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80764 title Oracle Solaris Third-Party Patch Update : samba (cve_2013_4124_denial_of) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1543.NASL description Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. This update fixes the following bugs : * When Samba was installed in the build root directory, the RPM target might not have existed. Consequently, the find-debuginfo.sh script did not create symbolic links for the libwbclient.so.debug module associated with the target. With this update, the paths to the symbolic links are relative so that the symbolic links are now created correctly. (BZ#882338) * Previously, the samba4 packages were missing a dependency for the libreplace.so module which could lead to installation failures. With this update, the missing dependency has been added to the dependency list of the samba4 packages and installation now proceeds as expected. (BZ#911264) All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 79160 published 2014-11-12 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79160 title CentOS 6 : samba4 (CESA-2013:1543) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1310.NASL description Updated samba3x packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-04-16 modified 2013-10-01 plugin id 70245 published 2013-10-01 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70245 title RHEL 5 : samba3x (RHSA-2013:1310) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1543.NASL description From Red Hat Security Advisory 2013:1543 : Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. This update fixes the following bugs : * When Samba was installed in the build root directory, the RPM target might not have existed. Consequently, the find-debuginfo.sh script did not create symbolic links for the libwbclient.so.debug module associated with the target. With this update, the paths to the symbolic links are relative so that the symbolic links are now created correctly. (BZ#882338) * Previously, the samba4 packages were missing a dependency for the libreplace.so module which could lead to installation failures. With this update, the missing dependency has been added to the dependency list of the samba4 packages and installation now proceeds as expected. (BZ#911264) All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 71104 published 2013-11-27 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71104 title Oracle Linux 6 : samba4 (ELSA-2013-1543) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1542.NASL description Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 71002 published 2013-11-21 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71002 title RHEL 6 : samba (RHSA-2013:1542) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1310.NASL description Updated samba3x packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 79150 published 2014-11-12 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79150 title CentOS 5 : samba3x (CESA-2013:1310) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0305.NASL description Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim last seen 2020-06-01 modified 2020-06-02 plugin id 73063 published 2014-03-18 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73063 title CentOS 5 : samba (CESA-2014:0305) NASL family Fedora Local Security Checks NASL id FEDORA_2013-14355.NASL description Update to 4.0.8 (CVE-2013-4124). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-08-15 plugin id 69362 published 2013-08-15 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69362 title Fedora 18 : samba-4.0.8-1.fc18 (2013-14355)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
Seebug
bulletinFamily exploit description BUGTRAQ ID: 61597 CVE(CAN) ID: CVE-2013-4124 Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 Samba 3.0.0-4.0.7在已验证或客户端连接的实现上存在拒绝服务漏洞,恶意报文可造成smbd服务器CPU循环执行内存分配,导致拒绝服务。要利用此漏洞需要一个文件共享连接或本地账户。 0 Samba 4.x Samba 3.x 厂商补丁: Samba ----- Samba已经为此发布了一个安全公告(CVE-2013-4124)以及相应补丁: CVE-2013-4124:Denial of service - CPU loop and memory allocation. 链接:http://www.samba.org/samba/security/CVE-2013-4124 补丁下载:http://www.samba.org/samba/security/ id SSV:60939 last seen 2017-11-19 modified 2013-08-11 published 2013-08-11 reporter Root title Samba 本地拒绝服务漏洞(CVE-2013-4124) bulletinFamily exploit description No description provided by source. id SSV:81370 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-81370 title Samba nttrans Reply - Integer Overflow Vulnerability
References
- http://archives.neohapsis.com/archives/bugtraq/2013-08/0028.html
- http://ftp.samba.org/pub/samba/patches/security/samba-4.0.7-CVE-2013-4124.patch
- http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113591.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114011.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
- http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00015.html
- http://marc.info/?l=bugtraq&m=141660010015249&w=2
- http://osvdb.org/95969
- http://rhn.redhat.com/errata/RHSA-2013-1310.html
- http://rhn.redhat.com/errata/RHSA-2013-1542.html
- http://rhn.redhat.com/errata/RHSA-2013-1543.html
- http://rhn.redhat.com/errata/RHSA-2014-0305.html
- http://secunia.com/advisories/54519
- http://security.gentoo.org/glsa/glsa-201502-15.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:207
- http://www.samba.org/samba/history/samba-3.5.22.html
- http://www.samba.org/samba/history/samba-3.6.17.html
- http://www.samba.org/samba/history/samba-4.0.8.html
- http://www.samba.org/samba/security/CVE-2013-4124
- http://www.securitytracker.com/id/1028882
- http://www.ubuntu.com/usn/USN-1966-1
- https://bugzilla.redhat.com/show_bug.cgi?id=984401
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86185