Guest

Preview Tool

Cisco Bug: CSCum09569 - [PSIRT] VXC-6215 - Samba winbindd Root Level Compromise CVE-2013-4408

Last Modified

Jan 30, 2020

Products (1)

  • Cisco Virtualization Experience Client 6000 Series

Known Affected Releases

9.3(0) 9.7(0)

Description (partial)

Symptom:
This bug is to investigate the impact of a heap-based buffer overflow in the Samba code. Specifically, a heap-based buffer overflow in the
dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before
4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Conditions:
None
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.