Intrusion Prevention

HTTP.Authorization.Basic.Null

Description

A buffer overflow in the Samba Web Administration Tool (SWAT), in Samba 3.0.2 to 3.0.4, allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

Affected Products

Samba version 3.0.4 and prior.

Impact

System Compromise.

Recommended Actions

Upgrade to Samba version 3.0.5 or newer.

CVE References

CVE-2004-0600