Samba NDR RPC Request NetSetFileSecurity Heap-Based Buffer Overflow Vulnerability

Samba is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code with superuser privileges, facilitating the complete remote compromise of affected computers. Failed exploit attempts will result in a denial of service.

This issue affects Samba 3.0.25rc3 and prior versions.


 

Privacy Statement
Copyright 2010, SecurityFocus