CVE-2013-4124

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Numeric Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2007-2444, CVE-2007-2446, CVE-2007-2447, CVE-2008-1105, CVE-2008-3789, CVE-2008-4314, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948, CVE-2009-3297, CVE-2010-0728, CVE-2010-3069, CVE-2011-0719, CVE-2011-2522, CVE-2011-2694, CVE-2012-1182, CVE-2012-2111, CVE-2012-6150, CVE-2013-0213, CVE-2013-0214, CVE-2013-4408, CVE-2013-4475, CVE-2013-4496, CVE-2013-6442, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-5370, CVE-2015-7560, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-2125, CVE-2016-2126, CVE-2017-12150, CVE-2017-12163, CVE-2017-2619, CVE-2017-7494, CVE-2018-1050

Published on 06/08/13 - Updated on 30/10/18

Description

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2013-4124
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2013-AVI-469, CERTA-2013-AVI-590, CERTFR-2014-AVI-112, CERTFR-2014-AVI-193
CentOS CESA-2013:1310, CESA-2013:1542, CESA-2013:1543, CESA-2014:0305
Oracle Linux ELSA-2013-1310, ELSA-2013-1542, ELSA-2013-1543, ELSA-2014-0305, ELSA-2017-0662, ELSA-2018-1860
Redhat RHSA-2013:1310, RHSA-2013:1542, RHSA-2013:1543, RHSA-2014:0305
Renater 2013/VULN331
SUSE SUSE-SU-2013:1468, SUSE-SU-2013:1469, SUSE-SU-2013:1522, SUSE-SU-2014:0723
Ubuntu USN-1966-1

Exploits

Exploit-DBEDB-27778

Relative technologies

VendorProduct
canonicalubuntu_linux
fedoraprojectfedora
opensuseopensuse
redhatenterprise_linux
sambasamba

Share this vulnerability with:

Twitter Facebook LinkedIn Mail