Samba Remote Procedure Call Remote Memory Corruption Vulnerability
Last Update Date:
12 Apr 2012 10:37
Release Date:
12 Apr 2012
5466
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
A vulnerability has been identified in Samba. A remote user can execute arbitrary code on the target system.
A remote user can send a specially crafted RPC call to trigger a buffer overflow in the Network Data Representation (NDR) marshalling code and execute arbitrary code on the target system. The code will run with root privileges.
Impact
- Remote Code Execution
System / Technologies affected
- Samba version 3.6.3 or before
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (3.6.4).
http://www.samba.org/samba/history/samba-3.6.4.html
Vulnerability Identifier
Source
Related Link
Share with