Samba call_trans2open buffer overflow

2006-06-02T00:00:00
ID SAINT:85D8FA14816A177813ABE4DD366C47F4
Type saint
Reporter SAINT Corporation
Modified 2006-06-02T00:00:00

Description

Added: 06/02/2006
CVE: CVE-2003-0201
BID: 7294
OSVDB: 4469

Background

Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.

Problem

A buffer overflow in the **call_trans2open** function allows anonymous remote attackers to execute arbitrary commands.

Resolution

Upgrade to Samba 2.2.8a or higher.

References

<http://www.kb.cert.org/vuls/id/267873>
<http://archives.neohapsis.com/archives/bugtraq/2003-04/0100.html>

Limitations

Exploit works on Samba 2.2.x.

Platforms

Linux
FreeBSD
SunOS / SunOS 5 / SunOS 5.9 / Solaris 9
SunOS / SunOS 5 / SunOS 5.7 / SunOS 5.8 / Solaris 7 / Solaris 8
SunOS / SunOS 5 / SunOS 5.6 / Solaris 2.6
Mac OS