What is the severity of CVE-2016-2123?

CVE-2016-2123 is considered a critical vulnerability due to the potential for an attacker-controlled memory overwrite.

How do I fix CVE-2016-2123?

The recommended fix for CVE-2016-2123 is to upgrade Samba to a version that is not affected, such as versions 4.5.3 and above.

Who is affected by CVE-2016-2123?

CVE-2016-2123 affects users of Samba versions 4.0.0 to 4.5.2, particularly those who can write to the dnsRecord attribute.

What components are involved in CVE-2016-2123?

CVE-2016-2123 involves the Samba ndr_pull_dnsp_name routine and the parsing of data from the Samba Active Directory ldb database.

What attack vector is associated with CVE-2016-2123?

CVE-2016-2123 can be exploited by authenticated users who have the ability to modify DNS records.

Vulnerability/
CVE-2016-2123

high

8.8

CWE

122 119

1/11/2018

5/8/2024

CVE-2016-2123: Buffer Overflow

First published: Thu Nov 01 2018(Updated: )

A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Samba	>=4.0.0<=4.0.26
Samba	>=4.1.0<=4.1.23
Samba	>=4.2.0<=4.2.14
Samba	>=4.3.0<4.3.13
Samba	>=4.4.0<4.4.8
Samba	>=4.5.0<4.5.3

Remedy

https://www.samba.org/samba/security/CVE-2016-2123.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-2123?
CVE-2016-2123 is considered a critical vulnerability due to the potential for an attacker-controlled memory overwrite.
How do I fix CVE-2016-2123?
The recommended fix for CVE-2016-2123 is to upgrade Samba to a version that is not affected, such as versions 4.5.3 and above.
Who is affected by CVE-2016-2123?
CVE-2016-2123 affects users of Samba versions 4.0.0 to 4.5.2, particularly those who can write to the dnsRecord attribute.
What components are involved in CVE-2016-2123?
CVE-2016-2123 involves the Samba ndr_pull_dnsp_name routine and the parsing of data from the Samba Active Directory ldb database.
What attack vector is associated with CVE-2016-2123?
CVE-2016-2123 can be exploited by authenticated users who have the ability to modify DNS records.

agent/references
agent/type
agent/softwarecombine
agent/author
agent/weakness
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/samba
canonical/samba
version/samba/4.0.0
version/samba/4.0.26
version/samba/4.1.0
version/samba/4.1.23
version/samba/4.2.0
version/samba/4.2.14
version/samba/4.3.0
version/samba/4.4.0
version/samba/4.5.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.