CVE-2016-2123

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-2123

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2123.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-2123

Related

Published

2018-11-01T13:29:00Z

Modified

2024-09-18T02:24:57.565612Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndrpulldnspname contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndrpulldnspname parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.

References

Affected packages

Alpine:v3.2 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.14-r1

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.7-r0

4.2.9-r0

4.2.11-r0

4.2.14-r0

Alpine:v3.3 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.14-r1

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.11-r0

4.2.14-r0

Alpine:v3.4 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.5-r2

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.5-r0

4.4.5-r1

Debian:11 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.5.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.5.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.5.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

b85f6018c803fb9aad82820d4b5505179ec5bac3

Fixed

09348d38684215a34b091dd98ea7df21fc07f32c

Affected versions

samba-4.*

samba-4.3.0

samba-4.3.1

samba-4.3.10

samba-4.3.11

samba-4.3.12

samba-4.3.2

samba-4.3.3

samba-4.3.4

samba-4.3.5

samba-4.3.6

samba-4.3.7

samba-4.3.8

samba-4.3.9