CVE-2016-0771
Description
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
EPSS Score
Exploitation Probability
5.663
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SMB/CIFS file, print, and login server for Unix (USN-2922-1) samba_3.6.3-2ubuntu2.17_i386.deb | Linux |
| SMB/CIFS file, print, and login server for Unix (USN-2922-1) samba_3.6.3-2ubuntu2.17_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234