Intrusion Prevention

Samba.NDR.RPC.Request.Buffer.Overflow

Description

This indicates an attack attempt against a heap-based buffer-overflow
vulnerability in Samba server.
The vulnerability is caused by improper bounds checking in the
"lsa_io_privilege_set" function. By sending a specially crafted RPC request
to the LSA RPC interface, a remote attacker could overflow a buffer and
execute arbitrary code on a vulnerable system.

Affected Products

Samba 3.0.25rc3 and prior versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch for this vulnerability or upgrade to the latest version of Samba (3.0.25 or later).
http://www.samba.org/samba/history/security.html.

CVE References

CVE-2007-2446