Launchpad CVE tracker

CVE 2013-4408

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Related bugs and status

CVE-2013-4408 (Candidate) is related to these bugs:

Bug #1261871: Buffer overrun while parsing DCE-RPC packets

Summary				In	Importance	Status
	1261871	Buffer overrun while parsing DCE-RPC packets		samba (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://security.gentoo...
MISC: http://www.mandriva.co...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://marc.info/?l=bu...
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://www.samba.org/s...
MISC: http://www.samba.org/s...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....

Launchpad.net

CVE 2013-4408

Related bugs and status

Related bugs

References