Tech

Samba dinged by 'highly critical' flaw

Researchers at Secunia have flagged a "highly critical" vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing.According to an advisory from Secunia, the vulnerability affects Samba versions 3.

Written by Ryan Naraine, Contributor May 28, 2008 at 9:41 a.m. PT

Researchers at Secunia have flagged a "highly critical" vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing.

According to an advisory from Secunia, the vulnerability affects Samba versions 3.0.28a and 3.0.29 and can be exploited by malicious people to compromise a vulnerable system.

Technical details:

The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context.

Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.

Samba maintainers have issued a separate alert to warn that specially crafted SMB responses can result in a heap overflow in the Samba client code.

Because the server process, smbd, can itself act as a client during operations such as printer notification and domain authentication, this issue affects both Samba client and server installations.

A high-priority patch is available from the Samba.org security center.

Editorial standards

Show Comments

The Apple Watch Ultra 2 with an Atlantic Blue Nomad Rugged Band.

Samba dinged by 'highly critical' flaw

Related

6 reasons to buy an Apple Watch, according to a wearables expert

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

The best AI image generators to try right now