SMB: Samba SID Parsing Stack Buffer Overflow
A buffer overflow vulnerability has been reported in Samba. The vulnerability is due to a boundary error when parsing the Security ID (SID) in SMB packets. Remote attackers could exploit this vulnerability by sending a crafted SMB message to a target SMB server. Successful exploitation would allow for arbitrary code injection and execution which might allow the attacker to take complete control of a target host. Code injection that does not result in execution could crash the vulnerable service, and result in a Denial of Service condition.
Extended Description
Samba is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in a denial of service. Samba versions prior to 3.5.5 are vulnerable.
Affected Products
Samba samba
Short Name
SMB:SAMBA:SID-QUOTA
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
Buffer CVE-2010-3069 Overflow Parsing SID Samba Stack bid:43212
Release Date
07/18/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Samba
Suse
Apple
Gentoo
Sun
Rpath
Avaya
Oracle
Slackware
Ubuntu
Mandriva
Debian
Vmware
CVSS Score
7.5