Signature Detail
Short Name |
SMB:OF:RECV-RAW-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Samba receive_smb_raw SMB Packets Parsing Buffer Overflow |
Release Date |
2013/07/30 |
Update Number |
2286 |
Supported Platforms |
idp-4.1.110110609+, isg-3.4.139899+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Samba receive_smb_raw SMB Packets Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Samba package. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected user.
Extended Description
Samba is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. The issue occurs when the application processes SMB packets in a client context. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in a denial of service. The issue affects Samba 3.0.28a and 3.0.29; other versions may also be affected. NOTE: This BID was originally titled 'Samba 'lib/util_sock.c' Buffer Overflow Vulnerability'. The title was changed to better identify the issue.
Affected Products
- Apple Mac OS X 10.4.11
- Apple Mac OS X 10.5
- Apple Mac OS X 10.5.1
- Apple Mac OS X 10.5.2
- Apple Mac OS X 10.5.3
- Apple Mac OS X Server 10.4.11
- Apple Mac OS X Server 10.5
- Apple Mac OS X Server 10.5.1
- Apple Mac OS X Server 10.5.2
- Apple Mac OS X Server 10.5.3
- Debian Linux 4.0
- Debian Linux 4.0 Alpha
- Debian Linux 4.0 Amd64
- Debian Linux 4.0 Arm
- Debian Linux 4.0 Hppa
- Debian Linux 4.0 Ia-32
- Debian Linux 4.0 Ia-64
- Debian Linux 4.0 M68k
- Debian Linux 4.0 Mips
- Debian Linux 4.0 Mipsel
- Debian Linux 4.0 Powerpc
- Debian Linux 4.0 S/390
- Debian Linux 4.0 Sparc
- Gentoo Linux
- HP CIFS Server A.02.01
- HP CIFS Server A.02.02
- HP CIFS Server A.2.03
- HP HP-UX B.11.11
- HP HP-UX B.11.23
- HP HP-UX B.11.31
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Linux Mandrake 2007.1
- Mandriva Linux Mandrake 2007.1 X86 64
- Mandriva Linux Mandrake 2008.0
- Mandriva Linux Mandrake 2008.0 X86 64
- Mandriva Linux Mandrake 2008.1
- Mandriva Linux Mandrake 2008.1 X86 64
- Nortel Networks Self-Service - CCSS7
- Nortel Networks Self-Service MPS 1000
- Nortel Networks Self-Service Peri Application
- Nortel Networks Self-Service Peri Workstation
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux AS 4.5.Z
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux ES 4.5.Z
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora 7
- Red Hat Fedora 8
- Red Hat Fedora 9
- rPath Appliance Platform Linux Service 1
- rPath rPath Linux 1
- rPath rPath Linux 2
- Samba 3.0.23D
- Samba 3.0.26A
- Samba 3.0.28
- Samba 3.0.28A
- Samba 3.0.29
- Slackware Linux 10.0.0
- Slackware Linux 10.1.0
- Slackware Linux 10.2.0
- Slackware Linux 11.0
- Slackware Linux 12.0
- Slackware Linux 12.1
- Slackware Linux -Current
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- SuSE Linux Personal 10.1
- SuSE Linux Professional 10.1
- SuSE Novell Linux Desktop 9.0.0
- SuSE Novell Linux POS 9
- SuSE Open-Enterprise-Server
- SuSE openSUSE 10.2
- SuSE openSUSE 10.3
- SuSE SUSE Linux Enterprise Desktop 10 SP1
- SuSE SUSE Linux Enterprise Desktop 10 SP2
- SuSE SUSE Linux Enterprise SDK 10.SP1
- SuSE SUSE Linux Enterprise SDK 10 SP2
- SuSE SUSE Linux Enterprise Server 10 SP1
- SuSE SUSE Linux Enterprise Server 10 SP2
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- Turbolinux Appliance Server 2.0
- Turbolinux Appliance Server 3.0
- Turbolinux Appliance Server 3.0 X64
- Turbolinux FUJI
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 10.0.0 X64
- Turbolinux Turbolinux Server 11
- Turbolinux Turbolinux Server 11 X64
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- Ubuntu Ubuntu Linux 7.04 Amd64
- Ubuntu Ubuntu Linux 7.04 I386
- Ubuntu Ubuntu Linux 7.04 Powerpc
- Ubuntu Ubuntu Linux 7.04 Sparc
- Ubuntu Ubuntu Linux 7.10 Amd64
- Ubuntu Ubuntu Linux 7.10 I386
- Ubuntu Ubuntu Linux 7.10 Lpia
- Ubuntu Ubuntu Linux 7.10 Powerpc
- Ubuntu Ubuntu Linux 7.10 Sparc
- Ubuntu Ubuntu Linux 8.04 LTS Amd64
- Ubuntu Ubuntu Linux 8.04 LTS I386
- Ubuntu Ubuntu Linux 8.04 LTS Lpia
- Ubuntu Ubuntu Linux 8.04 LTS Powerpc
- Ubuntu Ubuntu Linux 8.04 LTS Sparc
- VMWare ESX Server 2.5.4
- VMWare ESX Server 2.5.5
- VMWare ESX Server 3.0.1
- VMWare ESX Server 3.0.2
- VMWare ESX Server 3.5
- Xerox WorkCentre 232
- Xerox WorkCentre 238
- Xerox WorkCentre 245
- Xerox WorkCentre 255
- Xerox WorkCentre 265
- Xerox WorkCentre 275
- Xerox WorkCentre 5623
- Xerox WorkCentre 5635
- Xerox WorkCentre 5645
- Xerox WorkCentre 5655
- Xerox WorkCentre 5665
- Xerox WorkCentre 5675
- Xerox WorkCentre 5687
- Xerox WorkCentre 7655
- Xerox WorkCentre 7665
- Xerox WorkCentre 7675
- Xerox WorkCentre Pro 232
- Xerox WorkCentre Pro 238
- Xerox WorkCentre Pro 245
- Xerox WorkCentre Pro 255
- Xerox WorkCentre Pro 265
- Xerox WorkCentre Pro 275
References
- BugTraq: 29404
- CVE: CVE-2008-1105