Samba.Receive.Smb.Raw.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in Samba.
This vulnerability is due to the "receive_smb_raw()" [lib/util_sock.c] function's failure to properly check the bounds of user-supplied data when processing SMB packets. A remote attacker may be able to exploit this by sending overly large SMB packets.

affected-products-logoAffected Products

Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
Samba Samba 3.0.29
Samba Samba 3.0.28 a
rPath rPath Linux 2
rPath rPath Linux 1
rPath Appliance Platform Linux Service 1
RedHat Fedora 9 0
RedHat Fedora 8 0
RedHat Fedora 7 0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4.5.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4.5.z
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0

Impact logoImpact

System Compromise
Denial of Service

recomended-action-logoRecommended Actions

Apply the latest update from the vendor:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-09-27 14.696 Sig Added