Samba.Send.Mailslot.Buffer.Overflow
Description
This indicates an attempt to exploit a boundry error vulnerability in Samba server.
The vulnerability is caused by a boundary error in the "send_mailslot()" function. It can be exploited via a GETDC mailslot request following an offset username in a SAMLOGON logon request. Successful exploitation requires that the "domain logons" option is enabled. As a result of exploiting this, remote attackers can cause a denial of service or execute arbitrary code.
Affected Products
Samba 2.x
Samba 3.x
Impact
Denial of service.
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Update to version 3.0.28 or apply patch.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |