Samba "receive_smb_raw()" Remote Buffer Overflow Vulnerability
RISK: Medium Risk
A vulnerability has been identified in Samba which could be exploited by remote attackers to cause a denial of service or to compromise a vulnerable system. The issue is caused by a buffer overflow in the "receive_smb_raw()" function [lib/util_sock.c]: the SMB length advertised in the received packet header is not checked against the size of the receive buffer, so an overly large SMB packet received in a client context overruns that buffer. An attacker could exploit this to crash an affected application or execute arbitrary code by tricking a user into connecting to a malicious server (e.g. by following an "smb://" link), or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.
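The following C program is an added illustration of the bug class described above; it is not Samba's code. It decodes the 17-bit NetBIOS session length the same way Samba's smb_len() macro does (low bit of byte 1 plus bytes 2 and 3), then shows an unchecked receive routine beside a checked one. The receive-buffer size, the fake socket, the function names and the canary test are all hypothetical choices made for this example; the overrun is measured against a canary region rather than real memory so the program runs safely.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical receive buffer size for this example (not Samba's actual size). */
#define BUFFER_SIZE 65536
/* Canary region after the buffer, large enough to absorb the biggest 17-bit length. */
#define CANARY_SIZE 0x20000

/* 17-bit length from a 4-byte NetBIOS session header, as Samba's smb_len() decodes it. */
static size_t smb_len(const uint8_t *hdr) {
    return (size_t)hdr[3] | ((size_t)hdr[2] << 8) | ((size_t)(hdr[1] & 1) << 16);
}

/* Simulated socket (constructed for the example): 4 header bytes, then endless 'A' filler,
 * standing in for a malicious server that sends whatever length it advertised. */
struct fake_sock { uint8_t hdr[4]; size_t pos; };

static struct fake_sock make_sock(uint32_t advertised_len) {
    struct fake_sock s;
    memset(&s, 0, sizeof s);
    s.hdr[0] = 0x00;                                    /* session message type */
    s.hdr[1] = (uint8_t)((advertised_len >> 16) & 1);   /* length bit 16 */
    s.hdr[2] = (uint8_t)((advertised_len >> 8) & 0xff); /* length bits 15..8 */
    s.hdr[3] = (uint8_t)(advertised_len & 0xff);        /* length bits 7..0 */
    return s;
}

static void fake_read(struct fake_sock *s, uint8_t *dst, size_t n) {
    for (size_t i = 0; i < n; i++, s->pos++)
        dst[i] = (s->pos < 4) ? s->hdr[s->pos] : 0x41;
}

/* Vulnerable pattern: trust the advertised length and copy that many bytes
 * into a buffer of maxlen bytes. maxlen is never consulted. */
static long receive_smb_raw_unchecked(struct fake_sock *s, uint8_t *buffer, size_t maxlen) {
    (void)maxlen;
    fake_read(s, buffer, 4);
    size_t len = smb_len(buffer);
    fake_read(s, buffer + 4, len);          /* overruns when len + 4 > maxlen */
    return (long)len;
}

/* Hardened pattern: reject any packet whose advertised length cannot fit. */
static long receive_smb_raw_checked(struct fake_sock *s, uint8_t *buffer, size_t maxlen) {
    fake_read(s, buffer, 4);
    size_t len = smb_len(buffer);
    if (len + 4 > maxlen)
        return -1;                          /* oversize packet: drop the connection */
    fake_read(s, buffer + 4, len);
    return (long)len;
}

/* Run the unchecked routine against a buffer followed by a 0xCC canary region and
 * report how many canary bytes were overwritten (0 means no overrun). */
static size_t canary_bytes_clobbered(uint32_t advertised_len) {
    uint8_t *region = calloc(BUFFER_SIZE + CANARY_SIZE, 1);
    if (!region) return 0;
    memset(region + BUFFER_SIZE, 0xCC, CANARY_SIZE);
    struct fake_sock s = make_sock(advertised_len);
    receive_smb_raw_unchecked(&s, region, BUFFER_SIZE);
    size_t clobbered = 0;
    for (size_t i = 0; i < CANARY_SIZE; i++)
        if (region[BUFFER_SIZE + i] != 0xCC) clobbered++;
    free(region);
    return clobbered;
}

/* Result of the checked routine for a given advertised length: payload length or -1. */
static long checked_result(uint32_t advertised_len) {
    uint8_t *buffer = calloc(BUFFER_SIZE, 1);
    if (!buffer) return -1;
    struct fake_sock s = make_sock(advertised_len);
    long r = receive_smb_raw_checked(&s, buffer, BUFFER_SIZE);
    free(buffer);
    return r;
}

int main(void) {
    printf("advertised 1000:    unchecked clobbers %zu bytes, checked returns %ld\n",
           canary_bytes_clobbered(1000), checked_result(1000));
    printf("advertised 0x1FFFF: unchecked clobbers %zu bytes, checked returns %ld\n",
           canary_bytes_clobbered(0x1FFFF), checked_result(0x1FFFF));
    return 0;
}
```

The maximum 17-bit length (0x1FFFF, 131071 bytes) plus the 4-byte header exceeds the 64 KiB example buffer by 65539 bytes, which is exactly what the canary count reports for the unchecked routine; the checked routine refuses the same packet before reading its body. The check must compare against the caller's buffer size (the maxlen parameter), not against a constant, because receive_smb_raw() is reached from several call sites.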
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- Samba version 3.0.29 and prior
- Solaris 9 and 10 for SPARC and x86 platform running Samba 3.0.0 through 3.0.29.
Solutions
Before installing the software, please visit the vendor's website for more details.
Upgrade to Samba version 3.0.30:
http://us1.samba.org/samba/download/
Sun Solaris 9 (SPARC) - Apply patch 114684-12 or later
Sun Solaris 10 (SPARC) - Apply patch 119757-13 or later
Sun Solaris 9 (x86) - Apply patch 114685-12 or later
Sun Solaris 10 (x86) - Apply patch 119758-13 or later
Vulnerability Identifier
Source