ldb prior to 1.1.24, as used in the AD LDAP server in Samba 4.x prior to 4.1.22, 4.2.x prior to 4.2.7, and 4.3.x prior to 4.3.3, mishandles string lengths, which allows remote malicious users to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
samba samba 4.2.6 |
||
samba samba 4.1.9 |
||
samba samba 4.0.14 |
||
samba samba 4.0.24 |
||
samba samba 4.1.16 |
||
samba samba 4.1.12 |
||
samba samba 4.0.2 |
||
samba samba 4.1.14 |
||
samba samba 4.0.22 |
||
samba samba 4.2.1 |
||
samba samba 4.0.11 |
||
samba samba 4.1.7 |
||
samba samba 4.0.3 |
||
samba samba 4.3.0 |
||
samba samba 4.0.21 |
||
samba samba 4.0.16 |
||
samba samba 4.1.8 |
||
samba samba 4.2.4 |
||
samba samba 4.0.13 |
||
samba samba 4.2.0 |
||
samba samba 4.1.5 |
||
samba samba 4.1.6 |
||
samba samba 4.0.17 |
||
samba samba 4.0.6 |
||
samba samba 4.0.19 |
||
samba samba 4.1.11 |
||
samba samba 4.0.10 |
||
samba samba 4.1.4 |
||
samba samba 4.1.20 |
||
samba samba 4.0.7 |
||
samba samba 4.1.0 |
||
samba samba 4.1.19 |
||
samba samba 4.0.1 |
||
samba samba 4.0.8 |
||
samba samba 4.2.2 |
||
samba samba 4.1.10 |
||
samba samba 4.3.1 |
||
samba samba 4.1.15 |
||
samba samba 4.1.17 |
||
samba samba 4.3.2 |
||
samba samba 4.0.0 |
||
samba samba 4.2.3 |
||
samba samba 4.0.5 |
||
samba samba 4.1.2 |
||
samba samba 4.1.3 |
||
samba samba 4.0.18 |
||
samba samba 4.1.21 |
||
samba samba 4.1.1 |
||
samba samba 4.0.23 |
||
samba samba 4.1.13 |
||
samba samba 4.2.5 |
||
samba samba 4.0.12 |
||
samba samba 4.0.4 |
||
samba samba 4.0.15 |
||
samba samba 4.0.20 |
||
samba samba 4.1.18 |
||
samba samba 4.0.9 |
Vulmon