CVE-2016-0771

Loading...

General

Score:4.9/10.0
Severity:Low
Category:Buffer Error

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2013-0213, CVE-2013-0214, CVE-2015-7560

Published on 13/03/16 - Updated on 03/12/16

Description

The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2016-0771
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-084
Debian DSA-3514-1
Renater 2016/VULN099
Ubuntu USN-2922-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
sambasamba

Share this vulnerability with:

Twitter Facebook LinkedIn Mail