
Thread: Samba "receive_smb_raw()" Buffer Overflow Vulnerability

  1. #1
    Join Date
    Nov 2006
    Location
    Sweden
    Beans
    2,594
    Distro
    Ubuntu Development Release

    Samba "receive_smb_raw()" Buffer Overflow Vulnerability

    http://secunia.com/advisories/30228/

    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch


    The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context.

    Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.

    The vulnerability is confirmed in versions 3.0.28a and 3.0.29. Prior versions may also be affected.
    http://packages.ubuntu.com/search?su...keywords=samba
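
The class of boundary error the advisory describes, shown here as an added example that is not part of the original post and is not Samba's code: a receiver copying a length-prefixed message into a fixed-size buffer has to check the peer-supplied length against that buffer before copying. The function name, the buffer size and the 4-byte header layout (type byte plus 24-bit big-endian length) are assumptions for illustration, and the sample frames are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 4           /* assumed framing: 1 type byte + 24-bit big-endian length */
#define CLIENT_BUF_SIZE 64  /* hypothetical small client-side receive buffer */

static uint8_t client_buf[CLIENT_BUF_SIZE];

/* Payload length claimed by the peer; fully peer-controlled in a client context. */
static size_t claimed_len(const uint8_t *hdr)
{
    return ((size_t)hdr[1] << 16) | ((size_t)hdr[2] << 8) | (size_t)hdr[3];
}

/* Copy one framed message from wire into buf.
 * Returns the payload length, or -1 if the frame is rejected. */
long recv_frame_checked(const uint8_t *wire, size_t wire_len,
                        uint8_t *buf, size_t buf_size)
{
    if (wire_len < HDR_LEN)
        return -1;                  /* header incomplete */
    size_t len = claimed_len(wire);
    /* The boundary check: the claimed length must fit the caller's buffer.
     * Without it, the copy below writes past the end of buf. */
    if (len > buf_size)
        return -1;
    if (len > wire_len - HDR_LEN)
        return -1;                  /* fewer bytes arrived than claimed */
    memcpy(buf, wire + HDR_LEN, len);
    return (long)len;
}

/* Constructed sample frames (not captured traffic). */
const uint8_t FRAME_OK[]        = { 0x00, 0x00, 0x00, 0x04, 0xff, 'S', 'M', 'B' };
const uint8_t FRAME_OVERSIZED[] = { 0x00, 0x01, 0xff, 0xff, 0xff, 'S', 'M', 'B' }; /* claims 131071 bytes */
const uint8_t FRAME_TRUNCATED[] = { 0x00, 0x00, 0x00, 0x10, 0xff, 'S' };           /* claims 16, carries 2 */

int main(void)
{
    printf("ok=%ld oversized=%ld truncated=%ld\n",
           recv_frame_checked(FRAME_OK, sizeof FRAME_OK, client_buf, sizeof client_buf),
           recv_frame_checked(FRAME_OVERSIZED, sizeof FRAME_OVERSIZED, client_buf, sizeof client_buf),
           recv_frame_checked(FRAME_TRUNCATED, sizeof FRAME_TRUNCATED, client_buf, sizeof client_buf));
    return 0;
}
```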


  2. #2
    Join Date
    May 2008
    Beans
    1

    Re: Samba "receive_smb_raw()" Buffer Overflow Vulnerability

    Bump. Is an updated package being worked on or should I compile the latest version from source?
