Samba < 3.0.30 'receive_smb_raw' Buffer Overflow Vulnerability

High Nessus Network Monitor Plugin ID 4522


The remote Samba server may be affected by a buffer overflow vulnerability.


According to its banner, the version of the Samba server on the remote host is reportedly affected by a boundary error in 'nmbd' within the 'receive_smb_raw' function in 'lib/util_sock.c' when parsing SMB packets received in a client context. By sending specially-crafted packets to an 'nmbd' server configured as a local or domain master browser, an attacker can leverage this issue to produce a heap-based buffer overflow and execute arbitrary code with system privileges.


Upgrade to Samba version 3.0.30 or later or apply the patch referenced in the project's advisory.

See Also

Plugin Details

Severity: High

ID: 4522

File Name: 4522.prm

Family: Samba

Published: 2008/05/29

Modified: 2016/01/21

Dependencies: 8740

Nessus ID: 32476

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.6


Temporal Vector: CVSS3#E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Patch Publication Date: 2008/05/29

Vulnerability Publication Date: 2008/05/29

Reference Information

CVE: CVE-2008-1105

BID: 29404

OSVDB: 45657