SMB: Mangling File Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the mangling functionality in Samba. A successful attacker can execute arbitrary code with Samba process privileges.

Extended Description

Samba is reported prone to an undisclosed buffer overrun vulnerability. The overrun is reported to exist when Samba handles file name mangling with the "hash" method. It is conjectured that the vulnerability may present itself when the affected server handles a filename sufficient to trigger it. To exploit this vulnerability, an attacker may require sufficient access to write a file to a published Samba share. It is reported that the vulnerability does not exist in default Samba configurations: by default, Samba is configured to employ "hash2" name mangling, and the "hash2" method is not vulnerable. This vulnerability is reported to affect Samba version 3.0.0 and later.
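The two conditions described above (the "hash" mangling method and a share an attacker can write to) can be checked in a server's smb.conf. The following is an added example, not part of the original signature page or of Samba's code. The sample configuration is constructed, the function names are hypothetical, and included files and global-level share defaults are not modelled.

```python
import re

# Constructed sample smb.conf (not from the page or any real host).
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; mangling method = hash2
   Mangling Method = HASH
[public]
   path = /srv/public
   read only = no
[docs]
   path = /srv/docs
"""

TRUE_VALUES = {"yes", "true", "1"}
FALSE_VALUES = {"no", "false", "0"}

def _norm(name):
    # smb.conf ignores case and whitespace in section and parameter names.
    return re.sub(r"\s+", "", name).lower()

def parse_smb_conf(text):
    """Return {section: {parameter: value}} with normalised names."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = _norm(line[1:-1])
            sections.setdefault(current, {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            sections[current][_norm(key)] = value.strip()
    return sections

def _is_writable(params):
    # "writable", "writeable" and "write ok" are inverted synonyms of "read only".
    if params.get("readonly", "").lower() in FALSE_VALUES:
        return True
    return any(params.get(k, "").lower() in TRUE_VALUES
               for k in ("writable", "writeable", "writeok"))

def audit_mangling(text):
    """Report the effective mangling method and the shares that accept writes."""
    conf = parse_smb_conf(text)
    # Per the description above, an unset parameter means the default "hash2".
    method = conf.get("global", {}).get("manglingmethod", "hash2").lower()
    shares = sorted(s for s, p in conf.items() if s != "global" and _is_writable(p))
    return {"method": method, "exposed": method == "hash", "writable_shares": shares}
```

A result with `exposed` set to true and a non-empty `writable_shares` list matches the configuration the description identifies as vulnerable.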

Affected Products

Sun Solaris

Short Name
SMB:OF:MANGLING-FILE-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
Buffer CVE-2004-0686 File Mangling Overflow bid:10781
Release Date
05/23/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Red Hat

Samba

Trustix

Sun

HP

Conectiva

CVSS Score

5.0
