Gerald (Jerry) Carter
2004-Nov-15 13:06 UTC
[SECURITY] CAN-2004-0882: Possible Buffer Overrun in smbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Possible Buffer Overrun in smbd CVE #: CAN-2004-0882 Affected Versions: Samba 3.0.x <= 3.0.7 Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability - ------------------ A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is available from http://www.samba.org/samba/ftp/patches/security/. The patch has been signed with the "Samba Distribution Verification Key" (ID F17F9772). Description - ----------- Invalid bounds checking in reply to certain trans2 requests could result in a buffer overrun in smbd. In order to exploit this defect, the attacker must be able to create files with very specific Unicode filenames on the Samba share. Protecting Unpatched Servers - ---------------------------- The Samba Team always encourages users to run the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- This security issue was reported to Samba developers by Stefan Esser from e-matters Security (http://security.e-matters.de/). - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFBmKk0IR7qMdg1EfYRAljEAKCzJaOh90yiegN9oVRLIX4yOlKfbwCfaX3u T98V1eCge6mPnokD3/BXD0U=ptXT -----END PGP SIGNATURE-----
Possibly Parallel Threads
- CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
- [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7
- CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
- Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
- Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)