‘Samba 3.3.12 Memory Corruption Vulnerability’


Remote exploitation of a buffer overflow vulnerability within Samba Project’s Samba could allow an attacker to execute arbitrary code with root privileges.’


‘The information has been provided by Jun Mao.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=873


Vulnerable Systems:
 * Samba version 3.3.12

This vulnerability exists in a certain function within Samba, where an attacker could trigger a memory corruption by sending specially crafted SMB requests resulting in heap memory overwritten with attacker supplied data, which can allow attackers to execute code remotely.

Patch Availability:
Samba has released patches to address this issue. Information about downloadable vendor updates can be found by clicking on the following URL:

Firewalls should be utilized to prevent unauthorized connections to samba ports.

CVE Information:

Disclosure Timeline:
06/04/2010 Initial Vendor Notification
06/04/2010 Initial Vendor Reply
06/16/2010 Coordinated Public Disclosure’

Categories: UNIX