Samba 'call_trans2open' Remote Buffer Overflow Vulnerability

CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

Reports indicate that this vulnerability is being exploited actively in the wild.

An exploit has been made available by H D Moore of Digital Defense and is available from the following location:

http://www.digitaldefense.net/labs/tools/trans2root.pl

A new exploit (sambal.c) has been released by eSDee of Netric Security.

A new exploit (0x82-Remote.54AAb4.xpl.c) has been released by "you dong-hun"(Xpl017Elz), <szoahc@hotmail.com>.

A new exploit (0x333hate.c) has been released by c0wboy <c0wboy@tiscali.it>.

An exploit (samba_trans2open.pm) has been released as part of the MetaSploit Framework 2.0.

An exploit for Mac OS X has been released as part of the MetaSploit Framework 2.3.


 

Privacy Statement
Copyright 2010, SecurityFocus