CVE-2016-0771

Priority
Description
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9,
4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured,
allows remote authenticated users to cause a denial of service
(out-of-bounds read) or possibly obtain sensitive information from process
memory by uploading a crafted DNS TXT record.
Assigned-to
mdeslaur
Notes
mdeslaur4.0+ only
Package
Source: samba (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):released (2:4.1.6+dfsg-1ubuntu2.14.04.13)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:4.3.6+dfsg-1ubuntu1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 18:43:39 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)