Launchpad has imported 14 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=804093.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2012-03-16T14:12:07+00:00 Jan wrote: Multiple heap-based buffer overflow flaws were found in the way the code generated by Perl-based DCE/RPC IDL (PIDL) compiler of the Samba suite performed array memory allocation. Memory for an array having an is_size() attribute has been allocated based on the array length, which was provided by the Network Data Representation (NDR) marshalling code (converting parameters provided to the RPC call by the client to the NDR). On the other hand the loop retrieving array elements for a particular array used variable indicated by the size_is() attribute. A remote attacker could provide a specially-crafted remote procedure call (RPC) parameters, which once processed by the marshalling code of the Samba server would lead to Samba daemon (smbd) crash, or, potentially arbitrary code execution with the privileges of the user running the server. Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/0 ------------------------------------------------------------------------ On 2012-04-10T16:44:20+00:00 Vincent wrote: This has been corrected in upstream 3.6.4, 3.5.14, and 3.4.16. External References: http://www.samba.org/samba/history/samba-3.6.4.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/1 ------------------------------------------------------------------------ On 2012-04-10T20:22:59+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 5.6 EUS - Server Only Red Hat Enterprise Linux 5 Via RHSA-2012:0466 https://rhn.redhat.com/errata/RHSA-2012-0466.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/2 ------------------------------------------------------------------------ On 2012-04-10T21:13:14+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 5.3 Long Life Red Hat Enterprise Linux 5.6 EUS - Server Only Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6.0 EUS - Server Only Red Hat Enterprise Linux 6.1 EUS - Server Only Red Hat Enterprise Linux 6 Via RHSA-2012:0465 https://rhn.redhat.com/errata/RHSA-2012-0465.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/3 ------------------------------------------------------------------------ On 2012-04-10T21:35:49+00:00 Vincent wrote: Created samba tracking bugs for this issue Affects: fedora-all [bug 811392] Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/4 ------------------------------------------------------------------------ On 2012-04-12T14:56:29+00:00 Gwyn wrote: Rawhide has been updated, updates have been created for f17, f16 and f15. Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/7 ------------------------------------------------------------------------ On 2012-04-13T08:50:14+00:00 Huzaifa wrote: Created samba4 tracking bugs for this issue Affects: fedora-all [bug 812257] Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/18 ------------------------------------------------------------------------ On 2012-04-13T13:54:40+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 4 Extended Lifecycle Support Via RHSA-2012:0478 https://rhn.redhat.com/errata/RHSA-2012-0478.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/19 ------------------------------------------------------------------------ On 2012-04-25T13:27:15+00:00 Tomas wrote: Statement: This issue did not affect the versions of samba packages as shipped with Red Hat Enterprise Linux 3. The samba packages are also excluded from the Red Hat Enterprise Linux 3 Extended Life Cycle Support coverage: http://www.redhat.com/rhel/server/extended_lifecycle_support/exclusions/ Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/20 ------------------------------------------------------------------------ On 2012-05-15T23:28:25+00:00 Fedora wrote: samba4-4.0.0-38.alpha16.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/21 ------------------------------------------------------------------------ On 2012-09-07T03:52:48+00:00 Huzaifa wrote: Statement: This issue affects the version of samba4, openchange and evolution-mapi packages as shipped with Red Hat Enterprise Linux 6. A future security update may address this flaw. Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/22 ------------------------------------------------------------------------ On 2012-09-12T10:28:33+00:00 Huzaifa wrote: This flaw exists in the samba PIDL code, and therefore affects the PIDL compiler shipped within the samba4 package (samba4-pidl). However we do not ship any daemon with the samba4 package, hence the impact of this flaw on samba4 is very limited. The samba4-pidl compiler is also used to compile code in the openchange and evolution-mapi packages. These contain client side code for exchanging data with MAPI servers. In order to successfully exploit vulnerabilities in these packages, arising out of the above flaw in samba4-pidl, one will need to MITM the connection between these clients and the MAPI servers. Hence the impact on these packages is limited as well. Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/23 ------------------------------------------------------------------------ On 2013-02-21T08:45:59+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0506 https://rhn.redhat.com/errata/RHSA-2013-0506.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/24 ------------------------------------------------------------------------ On 2013-02-21T10:20:42+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0515 https://rhn.redhat.com/errata/RHSA-2013-0515.html Reply at: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/comments/25 ** Changed in: samba (CentOS) Status: Unknown => Fix Released ** Changed in: samba (CentOS) Importance: Unknown => Critical ** Changed in: samba (Fedora) Status: Unknown => Fix Released ** Changed in: samba (Fedora) Importance: Unknown => Critical -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/978458 Title: CVE-2012-1182: "root" credential remote code execution To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
