Samba call_trans2open buffer overflow

Added: 06/02/2006
CVE: CVE-2003-0201
BID: 7294
OSVDB: 4469

Background

Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.

Problem

A buffer overflow in the call_trans2open function allows anonymous remote attackers to execute arbitrary commands.

Resolution

Upgrade to Samba 2.2.8a or higher.

References

http://www.kb.cert.org/vuls/id/267873
http://archives.neohapsis.com/archives/bugtraq/2003-04/0100.html

Limitations

Exploit works on Samba 2.2.x.

Platforms

Linux
FreeBSD
SunOS / SunOS 5 / SunOS 5.9 / Solaris 9
SunOS / SunOS 5 / SunOS 5.7 / SunOS 5.8 / Solaris 7 / Solaris 8
SunOS / SunOS 5 / SunOS 5.6 / Solaris 2.6
Mac OS

Back to exploit index