Samba Heap Overflow Vulnerability (CVE-2012-1182) Scanner

Samba Heap Overflow Vulnerability (CVE-2012-1182) Scanner Detail

Checks if target machines are vulnerable to the Samba heap overflow vulnerability CVE-2012-1182.

Samba 3.6.3 and all earlier versions are affected by a vulnerability that allows remote code execution as the "root" user from an anonymous connection.

CVE-2012-1182 covers multiple heap overflow vulnerabilities in PIDL-based autogenerated code. This check script is based on a PoC by ZDI, tracked as ZDI-CAN-1503. The vulnerability lies in the ndr_pull_lsa_SidArray function, where an attacker controls num_sids and can cause insufficient memory to be allocated, leading to a heap buffer overflow and possible remote code execution.

The script builds a malicious packet and makes a SAMR GetAliasMembership call, which triggers the vulnerability. On a vulnerable system, the connection is dropped and the result is "Failed to receive bytes after 5 attempts". On a patched system, Samba returns an error and the result is "MSRPC call returned a fault (packet type)".
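The following is an added example, not Samba's or the scanner's own code. It shows the kind of validation a count-prefixed array parser needs so that a peer-supplied count such as num_sids can never exceed what was allocated. The wire layout, the `array_size` field, and all function and sample names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed, simplified layout (assumption, not Samba's real NDR encoding):
 *   uint32 num_sids | uint32 array_size | array_size x uint32, little-endian */
typedef struct { uint32_t num_sids; uint32_t *sids; } sid_array;

static int pull_u32(const uint8_t *b, size_t len, size_t *off, uint32_t *out) {
    if (*off > len || len - *off < 4) return -1;       /* never read past the packet */
    const uint8_t *p = b + *off;
    *out = (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    *off += 4;
    return 0;
}

/* Returns 0 and fills r on success, -1 on a malformed message. */
int pull_sid_array(const uint8_t *b, size_t len, sid_array *r) {
    size_t off = 0;
    uint32_t array_size;
    r->sids = NULL;
    if (pull_u32(b, len, &off, &r->num_sids) || pull_u32(b, len, &off, &array_size)) return -1;
    if (r->num_sids != array_size) return -1;          /* loop count must match allocation size */
    if ((len - off) / 4 < array_size) return -1;       /* every element must be in the packet */
    r->sids = calloc(array_size ? array_size : 1, sizeof *r->sids);
    if (r->sids == NULL) return -1;
    for (uint32_t i = 0; i < r->num_sids; i++)
        if (pull_u32(b, len, &off, &r->sids[i])) { free(r->sids); r->sids = NULL; return -1; }
    return 0;
}

/* Parse, release, and report the accepted element count, or -1 if rejected. */
long parse_and_count(const uint8_t *b, size_t len) {
    sid_array r;
    if (pull_sid_array(b, len, &r)) return -1;
    free(r.sids);
    return (long)r.num_sids;
}

/* Constructed sample messages. */
static const uint8_t SAMPLE_OK[]       = {2,0,0,0, 2,0,0,0, 0x10,0,0,0, 0x20,0,0,0};
static const uint8_t SAMPLE_MISMATCH[] = {4,0,0,0, 1,0,0,0, 0x10,0,0,0}; /* count 4, size 1 */
static const uint8_t SAMPLE_SHORT[]    = {3,0,0,0, 3,0,0,0, 0x10,0,0,0}; /* 3 claimed, 1 sent */
int main(void) {
    printf("ok=%ld mismatch=%ld short=%ld\n", parse_and_count(SAMPLE_OK, sizeof SAMPLE_OK),
           parse_and_count(SAMPLE_MISMATCH, sizeof SAMPLE_MISMATCH),
           parse_and_count(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    return 0;
}
```

The message whose count disagrees with its declared array size is rejected before any allocation or copy takes place, which is the property a parser of this shape needs.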



Some Advice for Common Problems

Patches addressing this issue have been posted to:
