Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samba任意代码执行漏洞
Vulnerability Description
Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba 3.4.16之前的3.x版本、3.5.14之前的3.5.x版本和3.6.4之前的3.6.x版本中的RPC代码生成器中存在漏洞,该漏洞源于未实现以验证数组内存分配的方式对数组长度进行验证。远程攻击者可利用该漏洞借助特制RPC调用执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A