Samba.Send.Mailslot.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a boundry error vulnerability in Samba server.
The vulnerability is caused by a boundary error in the "send_mailslot()" function. It can be exploited via a GETDC mailslot request following an offset username in a SAMLOGON logon request. Successful exploitation requires that the "domain logons" option is enabled. As a result of exploiting this, remote attackers can cause a denial of service or execute arbitrary code.

affected-products-logoAffected Products

Samba 2.x
Samba 3.x

Impact logoImpact

Denial of service.
System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Update to version 3.0.28 or apply patch.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)