Samba 'receive_smb_raw()' Buffer Overflow Vulnerability

Bugtraq ID: 29404
Class: Boundary Condition Error
CVE: CVE-2008-1105
Remote: Yes
Local: No
Published: May 28 2008 12:00AM
Updated: Feb 10 2009 03:18PM
Credit: Alin Rad Pop, Secunia Research
Vulnerable: Xerox WorkCentre Pro 275
Xerox WorkCentre Pro 265
Xerox WorkCentre Pro 255
Xerox WorkCentre Pro 245
Xerox WorkCentre Pro 238
Xerox WorkCentre Pro 232
Xerox WorkCentre 7675 0
Xerox WorkCentre 7665 0
Xerox WorkCentre 7655 0
Xerox WorkCentre 5687
Xerox WorkCentre 5675
Xerox WorkCentre 5665
Xerox WorkCentre 5655
Xerox WorkCentre 5645
Xerox WorkCentre 5635
Xerox WorkCentre 5623
Xerox WorkCentre 275
Xerox WorkCentre 265
Xerox WorkCentre 255
Xerox WorkCentre 245
Xerox WorkCentre 238
Xerox WorkCentre 232
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 2.5.5
VMWare ESX Server 2.5.4
VMWare ESX Server 3.5
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 lpia
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 11 x64
Turbolinux Turbolinux Server 11
Turbolinux Turbolinux Server 10.0.0 x64
Turbolinux FUJI 0
Turbolinux Appliance Server 3.0 x64
Turbolinux Appliance Server 3.0
Turbolinux Appliance Server 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise SDK 10 SP2
SuSE SUSE Linux Enterprise Desktop 10 SP2
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 10.0_x86
Sun Solaris 10.0
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
Samba Samba 3.0.29
Samba Samba 3.0.28 a
Samba Samba 3.0.28
Samba Samba 3.0.26a
Samba Samba 3.0.23d
+ Mandriva Linux Mandrake 2007.0 x86_64
+ Mandriva Linux Mandrake 2007.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server 9
rPath rPath Linux 2
rPath rPath Linux 1
rPath Appliance Platform Linux Service 1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4.5.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
Red Hat Fedora 9
Red Hat Fedora 8
Red Hat Fedora 7
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4.5.z
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Nortel Networks Self-Service Peri Workstation 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service - CCSS7 0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
HP CIFS Server A.2.03
HP CIFS Server A.02.02
HP CIFS Server A.02.01
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Not Vulnerable: Samba Samba 3.0.30
+ Mandriva Linux Mandrake 2007.1 x86_64
+ Mandriva Linux Mandrake 2007.1
+ Ubuntu Ubuntu Linux 7.04 sparc
+ Ubuntu Ubuntu Linux 7.04 powerpc
+ Ubuntu Ubuntu Linux 7.04 i386
+ Ubuntu Ubuntu Linux 7.04 amd64
HP CIFS Server A.02.03.04
Apple Mac OS X Server 10.5.4
Apple Mac OS X 10.5.4


 

Privacy Statement
Copyright 2010, SecurityFocus