Name: Samba.NDR.RPC.Request.Buffer.Overflow
Released Date: May 28 2007
Severity: high
CVE: 2007-2446
Bugtraq: 24195

In-Depth Analysis
Description
The Samba server is vulnerable to a heap-based buffer overflow caused by improper bounds checking in the lsa_io_privilege_set function. By sending a specially crafted RPC request to the LSA RPC interface, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Impact
System Compromise.

Affected Products
Samba 3.0.25rc3 and prior versions.

Aliases
Samba.NDR.RPC.Request.Buffer.Overflow
-Tag.Samba.NDR.RPC.Request.Bind
-Tag.Samba.NDR.RPC.Request.Trans.Bind

References
http://www.securityfocus.com/bid/24195
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-2446

Recommended Actions
Apply the patch for this vulnerability or upgrade to the latest version of Samba (3.0.25 or later). Please refer to http://www.samba.org/samba/history/security.html.