A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Samba | Samba | 4.10.0 | * |
Samba | Samba | 4.14.0 | * |
Samba | Samba | 4.15.0 | * |