Skip to main content

Samba Remote Procedure Call Remote Memory Corruption Vulnerability

Last Update Date: 12 Apr 2012 10:37 Release Date: 12 Apr 2012 5466 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Samba. A remote user can execute arbitrary code on the target system.

 

A remote user can send a specially crafted RPC call to trigger a buffer overflow in the Network Data Representation (NDR) marshalling code and execute arbitrary code on the target system. The code will run with root privileges.


Impact

  • Remote Code Execution

System / Technologies affected

  • Samba version 3.6.3 or before

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link