-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow in the Samba client code. == Because the server process, smbd, can itself == act as a client during operations such as == printer notification and domain authentication, == this issue affects both Samba client and server == installations. == ==========================================================
=========== Description =========== Secunia Research reported a vulnerability that allows for the execution of arbitrary code in smbd. This defect is is a result of an incorrect buffer size when parsing SMB replies in the routine receive_smb_raw(). ================== Patch Availability ================== A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 3.0.30 has been issued as a security release to correct the defect. Samba administrators are advised to upgrade to 3.0.30 or apply the patch as soon as possible. ======= Credits ======= This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research. The time line is as follows: * May 15, 2008: Initial report to [EMAIL PROTECTED] * May 15, 2008: First response from Samba developers confirming the bug along with a proposed patch. * May 28, 2008: Public security advisory made available. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ========================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIPXJ/IR7qMdg1EfYRAue5AKDa9zke1fUfAK8+PkGAHPPI+HOGAgCgyAdy 95siCUO1D5/qxy4h4qf/flY= =sf+i -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
