Vulnerability Details : CVE-2016-0771
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2016-0771
Probability of exploitation activity in the next 30 days: 1.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-0771
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:N/A:P |
6.8
|
4.9
|
NIST |
5.9
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H |
1.6
|
4.2
|
NIST |
CWE ids for CVE-2016-0771
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-0771
-
http://www.debian.org/security/2016/dsa-3514
Debian -- Security Information -- DSA-3514-1 samba
-
https://bugzilla.samba.org/show_bug.cgi?id=11686
Access Denied
-
https://www.samba.org/samba/security/CVE-2016-0771.html
Samba - Security Announcement ArchiveVendor Advisory
-
https://bugzilla.samba.org/show_bug.cgi?id=11128
Bug 11128 – ndr_push_error unexpected blob length is too large
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
[security-announce] openSUSE-SU-2016:0813-1: important: Security update
-
http://www.securityfocus.com/bid/84273
Samba CVE-2016-0771 Out of Bound Read Denial of Service Vulnerability
-
http://www.securitytracker.com/id/1035219
Samba Out-of-Bounds Read Error Lets Remote Users Deny Service or Obtain Potentially Sensitive Information - SecurityTracker
-
http://www.ubuntu.com/usn/USN-2922-1
USN-2922-1: Samba vulnerabilities | Ubuntu security notices
Products affected by CVE-2016-0771
- cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*