SecurityFocus

BugTraq

Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution Jan 03 2007 12:34PM
3APA3A (3APA3A SECURITY NNOV RU)

Dear sapheal (at) hack (dot) pl [email concealed],

Please correct me, if I wrong, but as far as I can see, 'server'
parameter is taken from module configuration.

static CONF_PARSER module_config[] = {
{ "server", PW_TYPE_STRING_PTR, offsetof(rlm_smb_t,server), NULL, NULL},
{ "backup", PW_TYPE_STRING_PTR, ...

[ more ]