Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.
A vulnerability in the LSA RPC interface allows a remote attacker to execute arbitrary commands by sending a specially crafted
**LsarLookupSids/LsarLookupSids2** request, which causes a buffer overflow in the
The exploit works on Samba 3.0.24 on Sun SPARC Solaris 9 and Samba 3.0.22 on SuSE Linux Enterprise Server 10.
Since the exploit uses a brute-force method, extra time may be required before the exploit succeeds.
The Crypt::DES, Digest::MD4, and Digest::MD5 packages are required for this exploit. These packages are available from <http://cpan.org/modules/by-module/>.
SunOS / Solaris