In association with heise online

15 May 2007, 13:12

Samba 3.0.25 fixes multiple security vulnerabilities


The developers of the open source Samba server have fixed multiple vulnerabilities in the latest version, 3.0.25, some of which could be exploited by attackers to execute arbitrary malicious code on the server. The Samba developers have also released patches for the previous version.

One of the fixed vulnerabilities permitted an attacker to execute arbitrary code in a shell: Samba failed to filter user input received via MS-RPC and passed it to the /bin/sh command line interpreter when calling scripts configured in smb.conf. In addition, crafted MS-RPC calls could cause a buffer overflow, allowing execution of injected malicious code. A further security vulnerability affected the translation of Windows SIDs into local user accounts. Under certain unspecified circumstances, translation could fail, resulting in the user acquiring root privileges.
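An added example, not Samba's code or its actual patch: one way to neutralise shell metacharacters before an untrusted value is substituted into a command line that will be handed to /bin/sh. The function names, the script path, the sample value and the use of `%u` as the template placeholder are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Write s to out as ONE single-quoted /bin/sh word; an embedded ' becomes '\''.
 * Returns the number of bytes written, or -1 if out is too small. */
static int shell_quote(char *out, size_t outlen, const char *s)
{
    size_t n = 0;
    if (outlen < 3) return -1;
    out[n++] = '\'';
    for (; *s; s++) {
        size_t need = (*s == '\'') ? 4 : 1;
        if (n + need >= outlen) return -1;      /* never truncate silently */
        if (need == 4) memcpy(out + n, "'\\''", 4);
        else out[n] = *s;
        n += need;
    }
    if (n + 2 > outlen) return -1;
    out[n++] = '\'';
    out[n] = '\0';
    return (int)n;
}

/* Expand every %u in tmpl to the quoted value. Returns 0, or -1 on overflow. */
int build_script_cmd(char *out, size_t outlen, const char *tmpl, const char *value)
{
    size_t n = 0;
    if (outlen == 0) return -1;
    while (*tmpl) {
        if (tmpl[0] == '%' && tmpl[1] == 'u') {
            int w = shell_quote(out + n, outlen - n, value);
            if (w < 0) return -1;
            n += (size_t)w;
            tmpl += 2;
        } else {
            if (n + 1 >= outlen) return -1;
            out[n++] = *tmpl++;
        }
    }
    out[n] = '\0';
    return 0;
}

int main(void)
{
    char cmd[128]; /* constructed template and value, for illustration only */
    if (build_script_cmd(cmd, sizeof cmd, "/opt/example/map.sh %u", "it's") == 0) puts(cmd);
    return 0;
}
```

Inside single quotes the shell treats `;`, backticks, `$` and `|` as literal characters, so the value reaches the script as a single argument. Where the design allows it, passing arguments as an argv array to execve() avoids the shell altogether.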

The bugs affect Samba versions 3.0.0 to 3.0.25rc3. The translation errors affect versions 3.0.23d to 3.0.25pre2. The developers have fixed the problems in the newly released version 3.0.25.
