[Bug 235912] [NEW] [CVE-2008-1105] Samba: boundary failure when parsing SMB responses

Alexander Konovalenko alexkon at gmail.com
Fri May 30 01:10:39 BST 2008


*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: samba

CVE-2008-1105 description:

"Heap-based buffer overflow in the receive_smb_raw function in
util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to
execute arbitrary code via a crafted SMB response."

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1105
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1105

"Boundary failure when parsing SMB responses can result in a buffer
overrun

Specifically crafted SMB responses can result in a heap overflow in the Samba client code.
Because the server process, smbd, can itself act as a client during operations such as
printer notification and domain authentication, this issue affects both Samba client and 
server installations."

http://www.samba.org/samba/security/CVE-2008-1105.html

Patch:
http://www.samba.org/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch

** Affects: samba (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1105

-- 
[CVE-2008-1105] Samba: boundary failure when parsing SMB responses
https://bugs.launchpad.net/bugs/235912
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.


