CVE-2012-1182

Publication date 10 April 2012

Last updated 24 July 2024

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
samba	11.10 oneiric	Fixed 2:3.5.11~dfsg-1ubuntu2.2
	11.04 natty	Fixed 2:3.5.8~dfsg-1ubuntu2.4
	10.10 maverick	Ignored
	10.04 LTS lucid	Fixed 2:3.4.7~dfsg-1ubuntu3.9
	8.04 LTS hardy	Fixed 3.0.28a-1ubuntu4.18

How can I get the fixes?
What do statuses mean?

Notes

sbeattie

in hardy, the 3.0 reproducer leads to a glibc backtrace

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1423-1
Samba vulnerability
13 April 2012

Other references

https://www.samba.org/samba/security/CVE-2012-1182
https://www.cve.org/CVERecord?id=CVE-2012-1182