Signature Detail
Short Name |
SMB:OF:MAL-QFILEPATHINFO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Samba Malformed QFILEPATHINFO Attack |
Release Date |
2005/05/19 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Samba Malformed QFILEPATHINFO Attack
This signature detects attempts to exploit a known vulnerability against a Samba server. Attackers can send malformed QFILEPATHINFO responses to a Samba server, which can cause a denial of service (DoS) or allow them to execute arbitrary code on the server.
Extended Description
Samba is reported prone to a remote buffer overflow vulnerability. This issue presents itself because the application does not perform proper boundary checks before copying user-supplied data into finite sized process buffers. This issue can allow an attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. This vulnerability is reported to affect Samba versions 3.0.0 to 3.0.7.
Affected Products
- Conectiva Linux 10.0.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Fedora Core2
- Red Hat Fedora Core3
- Samba 3.0.0
- Samba 3.0.0 Alpha
- Samba 3.0.1
- Samba 3.0.2
- Samba 3.0.2 A
- Samba 3.0.3
- Samba 3.0.4
- Samba 3.0.4 -R1
- Samba 3.0.5
- Samba 3.0.6
- Samba 3.0.7
- SCO Unixware 7.1.4
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
References