|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
Keywords |
HPSBTU02218,SSRT071424 HPSBTU02233,SSRT071424,c01091459
|
|
Description |
A remote overflow exists in Samba. The application fails to properly verify user-suplied input when parsing RPC requests to the SPOOLSS RPC interface resulting in a heap-based overflow. With a specially crafted request to RFNPCNEX, an attacker can cause heap space to be overwritten and possible trigger the execution of arbitrary code resulting in a loss of integrity or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 3.0.25 or higher, as it has been reported to fix this vulnerability. In addition, Samba has released a patch for some older versions.
|
|
Products |
|
Samba
 |
3.0.4 |
3.0.3 |
3.0.2 |
3.0.1 |
3.0.0 |
3.0.6 |
3.0.5 |
3.0.2a |
3.0.8 |
3.0.21 |
3.0.21a |
3.0.21b |
3.0.21c |
3.0.7 |
3.0.9 |
3.0.10 |
3.0.11 |
3.0.12 |
3.0.13 |
3.0.14 |
3.0.14a |
3.0.20 |
3.0.20a |
3.0.20b |
3.0.22 |
3.0.23 |
3.0.23a |
3.0.23b |
3.0.23c |
3.0.23d |
3.0.24 |
3.0.25rc3 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
