Samba call_trans2open buffer overflow

2006-06-02T00:00:00
ID SAINT:D8C30097FDE4F240080C1E664EBDE2B4
Type saint
Reporter SAINT Corporation
Modified 2006-06-02T00:00:00

Description

Added: 06/02/2006
CVE: CVE-2003-0201
BID: 7294
OSVDB: 4469

Background

Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.

Problem

A buffer overflow in the **call_trans2open** function allows anonymous remote attackers to execute arbitrary commands.

Resolution

Upgrade to Samba 2.2.8a or higher.

References

<http://www.kb.cert.org/vuls/id/267873>
<http://archives.neohapsis.com/archives/bugtraq/2003-04/0100.html>

Limitations

Exploit works on Samba 2.2.x.

Platforms

Linux
FreeBSD
SunOS / SunOS 5 / SunOS 5.9 / Solaris 9
SunOS / SunOS 5 / SunOS 5.7 / SunOS 5.8 / Solaris 7 / Solaris 8
SunOS / SunOS 5 / SunOS 5.6 / Solaris 2.6
Mac OS