Samba.NDR.RPC.Request.Buffer.Overflow
Description
This indicates an attack attempt against a heap-based buffer-overflow
vulnerability in the Samba server.
The vulnerability is caused by improper bounds checking in the
"lsa_io_privilege_set" function. By sending a specially crafted RPC request
to the LSA RPC interface, a remote attacker could overflow a buffer and
execute arbitrary code on a vulnerable system.
Affected Products
Samba 3.0.25rc3 and prior versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch for this vulnerability or upgrade to the latest version of Samba (3.0.25 or later).
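The following added example, which is not part of the original advisory or of the Samba project, classifies version strings such as those printed by `smbd -V` against the affected range stated above. It orders Samba's `pre`/`rc` pre-releases below the final release and lettered patch releases (such as 3.0.25a) above it. The sample strings are constructed, and the function names are assumptions.

```python
import re

# Pre-release tags sort below the final release of the same number;
# a trailing letter (3.0.25a) is a patch release and sorts above it.
_STAGE = {"pre": 0, "rc": 1}
_FINAL = 2
_VERSION_RE = re.compile(
    r"(\d+)\.(\d+)\.(\d+)(?:(pre|rc)(\d+)|([a-z]))?(?![0-9a-z])"
)

def parse_samba_version(text):
    """Return a sortable key for the first Samba version in text, or None."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    if m.group(4):  # pre-release such as 3.0.25rc3
        return (major, minor, patch, _STAGE[m.group(4)], int(m.group(5)))
    letter = ord(m.group(6)) - ord("a") + 1 if m.group(6) else 0
    return (major, minor, patch, _FINAL, letter)

# Last affected version named in the advisory.
LAST_AFFECTED = parse_samba_version("3.0.25rc3")

def is_affected(version_text):
    """True if the upstream version is 3.0.25rc3 or earlier."""
    key = parse_samba_version(version_text)
    if key is None:
        raise ValueError("no Samba version found in %r" % version_text)
    return key <= LAST_AFFECTED

# Constructed sample inventory (host label -> version banner), not real data.
SAMPLE_INVENTORY = {
    "fileserver-a": "Version 3.0.23d",
    "fileserver-b": "Version 3.0.25rc3",
    "fileserver-c": "Version 3.0.25",
    "fileserver-d": "Version 3.0.24-11.example1",  # vendor package suffix
}

def affected_hosts(inventory):
    """Return the sorted host labels whose version falls in the affected range."""
    return sorted(h for h, v in inventory.items() if is_affected(v))

if __name__ == "__main__":
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(host, SAMPLE_INVENTORY[host])
```

Distribution packages may carry a backported fix without changing the upstream version number, so a host flagged here should be checked against the vendor's own advisory before it is treated as vulnerable.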
Coverage
IPS (Regular DB)
IPS (Extended DB)