• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Samba Pre-2.0.5 Vulnerabilities

There were a number of vulnerabilities in the Samba package pre-2.0.5. The first is a possible denial of service in nmbd (the netbios name service daemon), which resulted in nmbd spinning until killed. The second vulnerability known is a possible buffer overflow problem in smbd which is not exploit in the default install/configuration. A function in the messaging system could be exploited and arbitrary code executed as root if the "message command" was set in smb.conf. There was also a race condition vulnerability which could possible allow an attacker to mount arbitrary points in the filesystem if smbmnt was setuid root (which it is not by default).