1
PublicDateAtUSN: 2016-12-19
2
Candidate: CVE-2016-2123
6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123
7
https://www.samba.org/samba/security/CVE-2016-2123.html
8
https://usn.ubuntu.com/usn/usn-3158-1
10
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote
11
Code Execution Vulnerability
13
Frederic Besler and others discovered that the routine
14
ndr_pull_dnsp_nam in Samba contained an integer overflow. An
15
authenticated attacker could use this to gain administrative
20
https://bugzilla.samba.org/show_bug.cgi?id=12409
22
Discovered-by: Frederic Besler
26
upstream_samba: needs-triage
27
precise_samba: not-affected
28
precise/esm_samba: not-affected
29
trusty_samba: released (2:4.3.11+dfsg-0ubuntu0.14.04.4)
30
vivid/ubuntu-core_samba: DNE
31
vivid/stable-phone-overlay_samba: DNE
32
xenial_samba: released (2:4.3.11+dfsg-0ubuntu0.16.04.3)
33
yakkety_samba: released (2:4.4.5+dfsg-2ubuntu5.2)
34
zesty_samba: released (2:4.4.5+dfsg-2ubuntu7)
35
devel_samba: released (2:4.4.5+dfsg-2ubuntu7)
38
upstream_samba4: needs-triage
39
precise_samba4: ignored (reached end-of-life)
40
precise/esm_samba4: DNE (precise was needed)
42
vivid/ubuntu-core_samba4: DNE
43
vivid/stable-phone-overlay_samba4: DNE