• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Samba Directory Access Control List Remote Integer Overflow Vulnerability

A remotely exploitable integer-overflow vulnerability affects Samba's directory access control list (DACL) processing functionality. This issue is due to the application's failure to properly perform sanity checking on calculated data sizes before copying data into static process buffers.

An attacker with access to an SMB share may leverage this issue to overwrite the heap of the affected process, facilitating code execution with superuser privileges.