Samba 'AndX' Request Heap-Based Buffer Overflow

critical Nessus Plugin ID 58327


The remote Samba service is vulnerable to a heap overflow attack.


The remote Samba install is prone to a heap-based buffer overflow attack.

An attacker can exploit this issue to execute arbitrary code with the privileges of the application. Failed exploit attempts will result in a denial of service condition.


Apply patches from the vendor.

Plugin Details

Severity: Critical

ID: 58327

File Name: samba_andx_heap_overflow.nbin

Version: 1.164

Type: remote

Family: Misc.

Published: 3/13/2012

Updated: 5/24/2022

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Required KB Items: SMB/NativeLanManager, SMB/samba

Exploit Ease: No known exploits are available

Patch Publication Date: 2/21/2012

Vulnerability Publication Date: 2/21/2012

Reference Information

CVE: CVE-2012-0870

BID: 52103