Intrusion Prevention

Samba.Receive.Smb.Raw.Remote.Buffer.Overflow

Description

This indicates an attempt to exploit a Buffer Overflow vulnerability in Samba.
The vulnerability is due to the "receive_smb_raw()" function's failure to properly bounds check user supplied data when processing SMB packets. A remote attacker may be able to exploit this by sending overly large SMB packets.

Affected Products

Samba 3.0 through 3.0.29

Impact

System Compromise: Remote attackers may gain control of vulnerable systems.
Denial of Service.

Recommended Actions

Apply the latest update from the vendor:
http://www.samba.org

CVE References

CVE-2008-1105