CVE-2013-4408
CVE-2013-4408
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-01/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.htmlhttp://lists.opensuse.org/opensuse-updates/2013-12/msg00088.htmlhttp://lists.opensuse.org/opensuse-updates/2014-03/msg00063.htmlhttp://marc.info/?l=bugtraq&m=141660010015249&w=2http://rhn.redhat.com/errata/RHSA-2013-1805.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1806.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0009.htmlhttp://security.gentoo.org/glsa/glsa-201502-15.xml