1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
6 <title>Samba - Security Announcement Archive</title>
11 <H2>CVE-2012-0870:</H2>
15 ===========================================================
16 == Subject: Remote code execution vulnerability in smbd
18 == CVE ID#: CVE-2012-0870
20 == Versions: Samba pre-3.4.0
22 == Summary: Ensure AndX offsets are increasing strictly monotonically
23 == in pre-3.4 versions
25 ===========================================================
31 Samba versions up to 3.4.0 do not ensure that AndX offsets of the smb daemon
32 (smbd) are increasing strictly monotonically.
34 Therefore a remote code execution vulnerability exists in the smbd service.
35 A remote attacker could use the vulnerability to launch an exploit over a
48 A patch addressing this defect has been posted to
50 http://www.samba.org/samba/security/
52 As all pre-3.4.0 versions are discontinued at least since August 9, 2011 even
53 for security patches, the patches are provided as an extra service to our
54 community, users, and vendors.
60 The vulnerability was discovered by Andy Davis of NGS Secure¹ and reported to
63 The patches were written by Volker Lendecke of the Samba Team.
69 ¹ http://www.ngssecure.com/research/research-overview.aspx
70 ² http://www.blackberry.com/btsc/KB29565