• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Samba Server Encrypted Password Buffer Overrun Vulnerability

A buffer overrun condition has been discovered in the password change request routine used in Samba. Due to insufficient bounds checking of user supplied input, is possible to trigger this condition by passing smbd an encrypted password of excessive length.

It has been reported that applications implementing the pam_smbpass PAM module are locally exploitable. It may also be possible to trigger this condition remotely, potentially resulting in the execution of arbitrary code with super user privileges.