Vulnerability details: VCID-bvch-rees-b7cu
Vulnerability ID VCID-bvch-rees-b7cu
Aliases CVE-2012-1182
Summary
Status Published
Exploitability 2.0
Weighted Severity 0.7
Risk 1.4
Weaknesses (2)
Data source Metasploit
Description This module triggers a vulnerability in the LSA RPC service of the Samba daemon caused by an error in the PIDL auto-generated code. Making a specially crafted call to SetInformationPolicy to set a PolicyAuditEventsInformation makes it possible to trigger a heap overflow and ultimately execute arbitrary code with root privileges. The module uses brute force to guess the stackpivot/rop chain or the system() address and redirect flow there in order to bypass NX. The start and stop addresses for brute forcing have been calculated empirically. The module also provides StartBrute and StopBrute, which allow the user to configure their own addresses.
Note
Stability:
  - crash-service-restarts
Reliability:
  - unreliable-session
SideEffects:
  - ioc-in-logs
Ransomware campaign use Unknown
Source publication date April 10, 2012
Platform Linux,Unix
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/samba/setinfopolicy_heap.rb
Data source Exploit-DB
Date added Oct. 10, 2012
Description Samba 3.4.16/3.5.14/3.6.4 - SetInformationPolicy AuditEventsInfo Heap Overflow (Metasploit)
Ransomware campaign use Known
Source publication date Oct. 10, 2012
Exploit type remote
Platform linux
Source update date Dec. 1, 2016
Source URL http://www.zerodayinitiative.com/advisories/ZDI-12-069/
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.98879
EPSS Score 0.76396
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:41:57.050556+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/1423-1/ 37.0.0