Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMB:EXPLOIT:SMB1-CHAINING-MC

Severity

 Critical

Recommended

 Yes

Recommended Action

 Drop

Category

 SMB

Keywords

 Samba SMB1 Packets Chaining Memory Corruption

Release Date

 2010/10/01

Update Number

 1784

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMB: Samba SMB1 Packets Chaining Memory Corruption


This signature detects attempts to exploit a known memory corruption vulnerability in Samba. It is due to improper validation when chaining SMB1 packets. Remote attackers can exploit this by sending a crafted SMB message to a target SMB server. A successful attack can result in remote code execution with root privileges.

Extended Description

Samba is prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Samba versions prior to 3.3.13 are vulnerable.

Affected Products

  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.0
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X 10.5.7
  • Apple Mac OS X 10.5.8
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.0
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Apple Mac OS X Server 10.5.8
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 3.1 SP1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Avaya Voice Portal 3.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Avaya Voice Portal 4.1 SP1
  • Avaya Voice Portal 4.1 SP2
  • Avaya Voice Portal 5.0
  • Avaya Voice Portal 5.0 SP1
  • Avaya Voice Portal 5.0 SP2
  • Avaya Voice Portal 5.1
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Gentoo Linux
  • HP CIFS-Server A.02.03.05
  • HP CIFS-Server A.02.04.01
  • HP HP-UX B.11.11
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Pardus Linux 2009
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux 5.3.Z Server
  • Red Hat Enterprise Linux 5.4.Z Server
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux AS 4.7.Z
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux ES 4.7.Z
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • rPath Appliance Platform Linux Service 2
  • rPath rPath Linux 2
  • Samba 3.0.0
  • Samba 3.0.0 Alpha
  • Samba 3.0.1
  • Samba 3.0.10
  • Samba 3.0.11
  • Samba 3.0.12
  • Samba 3.0.13
  • Samba 3.0.14
  • Samba 3.0.14A
  • Samba 3.0.2
  • Samba 3.0.20
  • Samba 3.0.20A
  • Samba 3.0.20B
  • Samba 3.0.21
  • Samba 3.0.21A
  • Samba 3.0.21B
  • Samba 3.0.21C
  • Samba 3.0.22
  • Samba 3.0.23A
  • Samba 3.0.23B
  • Samba 3.0.23C
  • Samba 3.0.23D
  • Samba 3.0.24
  • Samba 3.0.25
  • Samba 3.0.25A
  • Samba 3.0.25B
  • Samba 3.0.25C
  • Samba 3.0.25 Pre1
  • Samba 3.0.25 Pre2
  • Samba 3.0.25 Rc1
  • Samba 3.0.25 Rc2
  • Samba 3.0.25 Rc3
  • Samba 3.0.26
  • Samba 3.0.26A
  • Samba 3.0.27
  • Samba 3.0.27A
  • Samba 3.0.28
  • Samba 3.0.28A
  • Samba 3.0.29
  • Samba 3.0.2 A
  • Samba 3.0.3
  • Samba 3.0.30
  • Samba 3.0.32
  • Samba 3.0.33
  • Samba 3.0.34
  • Samba 3.0.35
  • Samba 3.0.36
  • Samba 3.0.37
  • Samba 3.0.4
  • Samba 3.0.4 -R1
  • Samba 3.0.5
  • Samba 3.0.6
  • Samba 3.0.7
  • Samba 3.0.8
  • Samba 3.0.9
  • Samba 3.2.0
  • Samba 3.2.1
  • Samba 3.2.12
  • Samba 3.2.13
  • Samba 3.2.14
  • Samba 3.2.15
  • Samba 3.2.2
  • Samba 3.2.3
  • Samba 3.2.4
  • Samba 3.2.5
  • Samba 3.3.10
  • Samba 3.3.11
  • Samba 3.3.12
  • Samba 3.3.5
  • Samba 3.3.6
  • Samba 3.3.7
  • Samba 3.3.8
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Sun OpenSolaris Build Snv 111B
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Desktop 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise SDK 10 SP3
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SUSE Linux Enterprise Software Development Kit 11
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • VMWare ESX Server 3.5
  • Xerox WorkCentre 5735
  • Xerox WorkCentre 5740
  • Xerox WorkCentre 5740
  • Xerox WorkCentre 5745
  • Xerox WorkCentre 5755
  • Xerox WorkCentre 5755
  • Xerox WorkCentre 5765
  • Xerox WorkCentre 5765
  • Xerox WorkCentre 5775
  • Xerox WorkCentre 5775
  • Xerox WorkCentre 5790
  • Xerox WorkCentre 5790

References

  • BugTraq: 40884
  • CVE: CVE-2010-2063
  • URL: http://www.samba.org/samba/security/CVE-2010-2063.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out