CVE-2010-3069

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2010-3069 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by Andrew Bartlett.

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2010-3069

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Samba 3.0.x - 3.5.x (inclusive)

All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server.

A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).

Vendor Status:
Samba had issued an update for this vulnerability.

Patch Availability:
A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

CVE Information:
CVE-2010-3069

Disclosure Timeline:
Date issued: 14 Sep 2010

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus