Skip to main content

Samba Heap Overflow Vulnerability

Last Update Date: 6 Aug 2014 Release Date: 4 Aug 2014 4295 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability was identified in Samba, which can be exploited by remote user to execute arbitrary code on the target system.

A remote user can send specially crafted packets to trigger a heap overflow in the target nmbd NetBIOS name services daemon and execute arbitrary code on the target system. The code will run with root privileges.


Impact

  • Remote Code Execution

System / Technologies affected

  • Samba 4.0.0 to 4.1.10

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 4.0.21 or 4.1.11.

Vulnerability Identifier


Source


Related Link