Samba < 3.0.30 'receive_smb_raw' Buffer Overflow Vulnerability
High Nessus Network Monitor Plugin ID 4522
Synopsis: The remote Samba server may be affected by a buffer overflow vulnerability.
Description: According to its banner, the version of the Samba server on the remote host is reportedly affected by a boundary error in 'nmbd' within the 'receive_smb_raw' function in 'lib/util_sock.c' when parsing SMB packets received in a client context. By sending specially crafted packets to an 'nmbd' server configured as a local or domain master browser, an attacker can leverage this issue to produce a heap-based buffer overflow and execute arbitrary code with system privileges.
Solution: Upgrade to Samba version 3.0.30 or later, or apply the patch referenced in the project's advisory.
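The finding above rests on the version in the server's banner, so the following added example (not the plugin's own logic) shows one way to triage collected banners against the 3.0.30 threshold. The function names, status labels and sample banners are assumptions constructed for illustration; a build with a packaging suffix is marked for manual verification because a patched build may still report a pre-3.0.30 version.

```python
import re

FIXED = (3, 0, 30)  # first fixed release named in the Solution field

# Samba version token: three numeric fields, an optional single-letter
# patch level (3.0.28a), then any trailing suffix (rc1, -1ubuntu4, ...).
_VERSION_RE = re.compile(
    r"Samba\s+(\d+)\.(\d+)\.(\d+)([a-z](?![a-z0-9]))?(\S*)", re.I
)

def parse_banner(banner):
    """Return ((major, minor, patch), letter, suffix) or None."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    numeric = tuple(int(m.group(i)) for i in (1, 2, 3))
    return numeric, m.group(4) or "", m.group(5)

def assess(banner):
    """Classify a banner: flagged, verify, not-flagged or unknown."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"
    numeric, _letter, suffix = parsed
    # Compare as integer tuples: as strings, "3.0.9" sorts after "3.0.30".
    if numeric > FIXED:
        return "not-flagged"
    if numeric == FIXED:
        # A pre-release of the fixed version predates the release itself.
        return "verify" if re.match(r"(rc|pre)\d*", suffix, re.I) else "not-flagged"
    # Below the threshold: a packaging suffix suggests a vendor build that
    # may carry the patch, so check the installed package before acting.
    return "verify" if suffix.startswith("-") else "flagged"

# Constructed sample banners (not taken from the page).
SAMPLES = [
    "Samba 3.0.28a",
    "Samba 3.0.9",
    "Samba 3.0.28a-1ubuntu4.4",
    "Samba 3.0.30",
    "Samba 3.2.0",
    "Windows 5.1",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{banner:28} {assess(banner)}")
```
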