Samba < 3.0.30 'receive_smb_raw' Buffer Overflow Vulnerability

high Nessus Network Monitor Plugin ID 4522


The remote Samba server may be affected by a buffer overflow vulnerability.


According to its banner, the version of the Samba server on the remote host is reportedly affected by a boundary error in 'nmbd' within the 'receive_smb_raw' function in 'lib/util_sock.c' when parsing SMB packets received in a client context. By sending specially-crafted packets to an 'nmbd' server configured as a local or domain master browser, an attacker can leverage this issue to produce a heap-based buffer overflow and execute arbitrary code with system privileges.


Upgrade to Samba version 3.0.30 or later or apply the patch referenced in the project's advisory.

See Also

Plugin Details

Severity: High

ID: 4522

Family: Samba

Published: 5/29/2008

Updated: 3/6/2019

Dependencies: 8740

Nessus ID: 32476

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 7.3

Temporal Score: 6.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Patch Publication Date: 5/29/2008

Vulnerability Publication Date: 5/29/2008

Reference Information

CVE: CVE-2008-1105

BID: 29404