
Samba 2.2.x < 2.2.10 / 3.0.x < 3.0.5 Buffer Overflow

Medium

Synopsis

The remote Samba server is affected by a buffer overflow vulnerability.

Description

According to its banner, the remote Samba version is 2.2.x earlier than 2.2.10, or 3.0.x earlier than 3.0.5. It is therefore affected by a flaw related to setting the option 'mangling method' to 'hash' in 'smb.conf' (which is not the default setting), which may allow an attacker to cause a buffer overflow. No further details have been provided.

Solution

Upgrade Samba to version 3.0.5 or later. If version 3.0.x cannot be obtained, version 2.2.10 has also been patched for this issue.
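
A triage check for the condition described above, as an added example that is not part of the original advisory or of the plugin's own code: it tests a version string against the affected ranges and reads the effective 'mangling method' from smb.conf text. The function names and the sample configuration are constructed for illustration, and treating parameters that appear before the first section header as global is an assumption.

```python
import re

# Fixed patch level per branch, as stated in the advisory:
# 2.2.x is fixed in 2.2.10, 3.0.x is fixed in 3.0.5.
FIXED = {(2, 2): 10, (3, 0): 5}

# Constructed sample configuration (not taken from a real host).
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; mangling method = hash2
   Mangling Method = HASH
[share]
   path = /srv/share
"""

def version_affected(version):
    """True if the version string (e.g. '3.0.2a') is in an affected range."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = map(int, m.groups())
    fixed = FIXED.get((major, minor))
    return fixed is not None and patch < fixed

def mangling_method(conf_text):
    """Return the 'mangling method' set in [global], or None if unset."""
    section, value, pending = "global", None, ""  # assumption: pre-header lines are global
    for raw in conf_text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):           # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":   # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        name, sep, val = line.partition("=")
        # Parameter names are case-insensitive and ignore embedded whitespace.
        key = re.sub(r"\s+", "", name).lower()
        if sep and section == "global" and key == "manglingmethod":
            value = val.strip().lower()   # a later assignment overrides an earlier one
    return value

def exposed(version, conf_text):
    """True only when both conditions from the description hold."""
    return version_affected(version) and mangling_method(conf_text) == "hash"
```

A host that reports an affected version but does not set 'mangling method' to 'hash' still needs the upgrade; the configuration check only helps prioritise which hosts to patch first.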