1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
6 <title>Samba - Security Announcement Archive</title>
11 <H2>CAN-2004-0882: Possible Buffer Overrun in smbd 3.0.x <= 3.0.7</H2>
15 Subject: Possible Buffer Overrun in smbd
18 Versions: Samba 3.0.x <= 3.0.7
20 Summary: A possible buffer overrun in smbd could
21 lead to code execution by a remote user
27 A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is
28 available from http://www.samba.org/samba/ftp/patches/security/.
29 The patch has been signed with the "Samba Distribution Verification
36 Invalid bounds checking in reply to certain trans2 requests
37 could result in a buffer overrun in smbd. In order to exploit
38 this defect, the attacker must be able to create files with very
39 specific Unicode filenames on the Samba share.
42 Protecting Unpatched Servers
43 ----------------------------
45 The Samba Team always encourages users to run the latest stable
46 release as a defense of against attacks. However, under certain
47 circumstances it may not be possible to immediately upgrade
48 important installations. In such cases, administrators should
49 read the "Server Security" documentation found at
50 http://www.samba.org/samba/docs/server_security.html.
56 This security issue was reported to Samba developers by Stefan
57 Esser from e-matters Security (http://security.e-matters.de/).
61 -- Our Code, Our Bugs, Our Responsibility.