CVE-2016-0771 in Sambainfo

Summary

The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

12/16/2015

Disclosure

03/13/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

6.2

EPSS

0.05663

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-0771
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-0771
CVE Details	https://www.cvedetails.com/cve/CVE-2016-0771/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!