Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux SE 1.5
Astra Linux SE 1.6
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:34773
[Eng]
Version
5
Class
vulnerability
ALTXid
204931
Language
Russian
Severity
Critical
Title
Red Hat/CentOS -- уязвимость в samba4, evolution-mapi, openchange, samba, samba3x (CVE-2012-1182)
Description
В продуктах samba4, evolution-mapi, openchange, samba, samba3x обнаружена уязвимость CVE-2012-1182.
Family
unix
Platform
CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product
evolution-mapi
openchange
samba
samba3x
samba4
Reference
packetstormsecurity: Samba-SetInformationPolicy-AuditEventsInfo-Heap-Overflow
packetstormsecurity: Samba-SetInformationPolicy-AuditEventsInfo-Heap-Overflow
Id:
Samba-SetInformationPolicy-AuditEventsInfo-Heap-Overflow
Reference:
https://packetstormsecurity.com/files/116953/Samba-SetInformationPolicy-AuditEventsInfo-Heap-Overflow.html
FSTEC: BDU:2015-09648
FSTEC: BDU:2015-09648
Id:
BDU:2015-09648
Reference:
https://bdu.fstec.ru/vul/2015-09648
FSTEC: BDU:2015-08829
FSTEC: BDU:2015-08829
Id:
BDU:2015-08829
Reference:
https://bdu.fstec.ru/vul/2015-08829
FSTEC: BDU:2015-07557
FSTEC: BDU:2015-07557
Id:
BDU:2015-07557
Reference:
https://bdu.fstec.ru/vul/2015-07557
FSTEC: BDU:2015-05452
FSTEC: BDU:2015-05452
Id:
BDU:2015-05452
Reference:
https://bdu.fstec.ru/vul/2015-05452
FSTEC: BDU:2015-05451
FSTEC: BDU:2015-05451
Id:
BDU:2015-05451
Reference:
https://bdu.fstec.ru/vul/2015-05451
FSTEC: BDU:2015-05450
FSTEC: BDU:2015-05450
Id:
BDU:2015-05450
Reference:
https://bdu.fstec.ru/vul/2015-05450
FSTEC: BDU:2015-05449
FSTEC: BDU:2015-05449
Id:
BDU:2015-05449
Reference:
https://bdu.fstec.ru/vul/2015-05449
FSTEC: BDU:2015-05448
FSTEC: BDU:2015-05448
Id:
BDU:2015-05448
Reference:
https://bdu.fstec.ru/vul/2015-05448
FSTEC: BDU:2015-05447
FSTEC: BDU:2015-05447
Id:
BDU:2015-05447
Reference:
https://bdu.fstec.ru/vul/2015-05447
FSTEC: BDU:2015-05446
FSTEC: BDU:2015-05446
Id:
BDU:2015-05446
Reference:
https://bdu.fstec.ru/vul/2015-05446
FSTEC: BDU:2015-05445
FSTEC: BDU:2015-05445
Id:
BDU:2015-05445
Reference:
https://bdu.fstec.ru/vul/2015-05445
FSTEC: BDU:2015-05444
FSTEC: BDU:2015-05444
Id:
BDU:2015-05444
Reference:
https://bdu.fstec.ru/vul/2015-05444
FSTEC: BDU:2015-05443
FSTEC: BDU:2015-05443
Id:
BDU:2015-05443
Reference:
https://bdu.fstec.ru/vul/2015-05443
FSTEC: BDU:2015-05442
FSTEC: BDU:2015-05442
Id:
BDU:2015-05442
Reference:
https://bdu.fstec.ru/vul/2015-05442
FSTEC: BDU:2015-05441
FSTEC: BDU:2015-05441
Id:
BDU:2015-05441
Reference:
https://bdu.fstec.ru/vul/2015-05441
FSTEC: BDU:2015-05440
FSTEC: BDU:2015-05440
Id:
BDU:2015-05440
Reference:
https://bdu.fstec.ru/vul/2015-05440
FSTEC: BDU:2015-05439
FSTEC: BDU:2015-05439
Id:
BDU:2015-05439
Reference:
https://bdu.fstec.ru/vul/2015-05439
FSTEC: BDU:2015-05438
FSTEC: BDU:2015-05438
Id:
BDU:2015-05438
Reference:
https://bdu.fstec.ru/vul/2015-05438
FSTEC: BDU:2015-05437
FSTEC: BDU:2015-05437
Id:
BDU:2015-05437
Reference:
https://bdu.fstec.ru/vul/2015-05437
FSTEC: BDU:2015-05436
FSTEC: BDU:2015-05436
Id:
BDU:2015-05436
Reference:
https://bdu.fstec.ru/vul/2015-05436
FSTEC: BDU:2015-05435
FSTEC: BDU:2015-05435
Id:
BDU:2015-05435
Reference:
https://bdu.fstec.ru/vul/2015-05435
FSTEC: BDU:2015-05434
FSTEC: BDU:2015-05434
Id:
BDU:2015-05434
Reference:
https://bdu.fstec.ru/vul/2015-05434
FSTEC: BDU:2015-05433
FSTEC: BDU:2015-05433
Id:
BDU:2015-05433
Reference:
https://bdu.fstec.ru/vul/2015-05433
FSTEC: BDU:2015-05432
FSTEC: BDU:2015-05432
Id:
BDU:2015-05432
Reference:
https://bdu.fstec.ru/vul/2015-05432
FSTEC: BDU:2015-05431
FSTEC: BDU:2015-05431
Id:
BDU:2015-05431
Reference:
https://bdu.fstec.ru/vul/2015-05431
FSTEC: BDU:2015-05430
FSTEC: BDU:2015-05430
Id:
BDU:2015-05430
Reference:
https://bdu.fstec.ru/vul/2015-05430
FSTEC: BDU:2015-05429
FSTEC: BDU:2015-05429
Id:
BDU:2015-05429
Reference:
https://bdu.fstec.ru/vul/2015-05429
FSTEC: BDU:2015-05428
FSTEC: BDU:2015-05428
Id:
BDU:2015-05428
Reference:
https://bdu.fstec.ru/vul/2015-05428
FSTEC: BDU:2015-05427
FSTEC: BDU:2015-05427
Id:
BDU:2015-05427
Reference:
https://bdu.fstec.ru/vul/2015-05427
FSTEC: BDU:2015-05426
FSTEC: BDU:2015-05426
Id:
BDU:2015-05426
Reference:
https://bdu.fstec.ru/vul/2015-05426
FSTEC: BDU:2015-05425
FSTEC: BDU:2015-05425
Id:
BDU:2015-05425
Reference:
https://bdu.fstec.ru/vul/2015-05425
FSTEC: BDU:2015-05424
FSTEC: BDU:2015-05424
Id:
BDU:2015-05424
Reference:
https://bdu.fstec.ru/vul/2015-05424
FSTEC: BDU:2015-05423
FSTEC: BDU:2015-05423
Id:
BDU:2015-05423
Reference:
https://bdu.fstec.ru/vul/2015-05423
FSTEC: BDU:2015-05422
FSTEC: BDU:2015-05422
Id:
BDU:2015-05422
Reference:
https://bdu.fstec.ru/vul/2015-05422
FSTEC: BDU:2015-05421
FSTEC: BDU:2015-05421
Id:
BDU:2015-05421
Reference:
https://bdu.fstec.ru/vul/2015-05421
FSTEC: BDU:2015-05420
FSTEC: BDU:2015-05420
Id:
BDU:2015-05420
Reference:
https://bdu.fstec.ru/vul/2015-05420
FSTEC: BDU:2015-05419
FSTEC: BDU:2015-05419
Id:
BDU:2015-05419
Reference:
https://bdu.fstec.ru/vul/2015-05419
FSTEC: BDU:2015-05418
FSTEC: BDU:2015-05418
Id:
BDU:2015-05418
Reference:
https://bdu.fstec.ru/vul/2015-05418
FSTEC: BDU:2015-05417
FSTEC: BDU:2015-05417
Id:
BDU:2015-05417
Reference:
https://bdu.fstec.ru/vul/2015-05417
FSTEC: BDU:2015-05416
FSTEC: BDU:2015-05416
Id:
BDU:2015-05416
Reference:
https://bdu.fstec.ru/vul/2015-05416
FSTEC: BDU:2015-05415
FSTEC: BDU:2015-05415
Id:
BDU:2015-05415
Reference:
https://bdu.fstec.ru/vul/2015-05415
FSTEC: BDU:2015-05414
FSTEC: BDU:2015-05414
Id:
BDU:2015-05414
Reference:
https://bdu.fstec.ru/vul/2015-05414
CVE: CVE-2012-1182
CVE: CVE-2012-1182
Id:
CVE-2012-1182
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
Comment
: The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
CVSSv2 Score:
10
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE:
189 (Numeric Errors)
References:
https://www.samba.org/samba/security/CVE-2012-1182 (CONFIRM)
http://support.apple.com/kb/HT5281 (CONFIRM)
APPLE-SA-2012-05-09-1 (APPLE)
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578 (CONFIRM)
48999 (SECUNIA)
FEDORA-2012-6382 (FEDORA)
USN-1423-1 (UBUNTU)
48844 (SECUNIA)
48879 (SECUNIA)
48816 (SECUNIA)
48818 (SECUNIA)
48754 (SECUNIA)
48751 (SECUNIA)
48873 (SECUNIA)
SSRT100824 (HP)
SSRT100872 (HP)
1026913 (SECTRACK)
http://www.samba.org/samba/history/samba-3.6.4.html (CONFIRM)
FEDORA-2012-5805 (FEDORA)
FEDORA-2012-5793 (FEDORA)
FEDORA-2012-5843 (FEDORA)
DSA-2450 (DEBIAN)
MDVSA-2012:055 (MANDRIVA)
SUSE-SU-2012:0515 (SUSE)
SUSE-SU-2012:0504 (SUSE)
SUSE-SU-2012:0502 (SUSE)
SUSE-SU-2012:0501 (SUSE)
VENDOR: RHSA-2013:0506-02
VENDOR: RHSA-2013:0506-02
Id:
RHSA-2013:0506-02
Reference:
https://rhn.redhat.com/errata/RHSA-2013-0506.html
VENDOR: RHSA-2013:0515-02
VENDOR: RHSA-2013:0515-02
Id:
RHSA-2013:0515-02
Reference:
https://rhn.redhat.com/errata/RHSA-2013-0515.html
VENDOR: RHSA-2012:0465-02
VENDOR: RHSA-2012:0465-02
Id:
RHSA-2012:0465-02
Reference:
https://rhn.redhat.com/errata/RHSA-2012-0465.html
VENDOR: RHSA-2012:0466-02
VENDOR: RHSA-2012:0466-02
Id:
RHSA-2012:0466-02
Reference:
https://rhn.redhat.com/errata/RHSA-2012-0466.html
CESA-2013:0506: CESA-2013:0506-CentOS 6
CESA-2013:0506: CESA-2013:0506-CentOS 6
Id:
CESA-2013:0506-CentOS 6
Reference:
http://lists.centos.org/pipermail/centos-cr-announce/2013-February/000689.html
CESA-2013:0515: CESA-2013:0515-CentOS 6
CESA-2013:0515: CESA-2013:0515-CentOS 6
Id:
CESA-2013:0515-CentOS 6
Reference:
http://lists.centos.org/pipermail/centos-cr-announce/2013-February/000508.html
CESA-2012:0465: CESA-2012:0465-CentOS 5
CESA-2012:0465: CESA-2012:0465-CentOS 5
Id:
CESA-2012:0465-CentOS 5
Reference:
http://lists.centos.org/pipermail/centos-announce/2012-April/018562.html
CESA-2012:0465: CESA-2012:0465-CentOS 6
CESA-2012:0465: CESA-2012:0465-CentOS 6
Id:
CESA-2012:0465-CentOS 6
Reference:
http://lists.centos.org/pipermail/centos-announce/2012-April/018565.html
CESA-2012:0466: CESA-2012:0466
CESA-2012:0466: CESA-2012:0466
Id:
CESA-2012:0466
Reference:
http://lists.centos.org/pipermail/centos-announce/2012-April/018561.html
Content available only for registered users!
ovaldb@altx-soft.com