FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Multiple Potential Buffer Overruns in Samba

Affected packages
3.* < samba < 3.0.5
3.*,1 < samba < 3.0.5,1
samba < 2.2.10
ja-samba < 2.2.10.j1.0

Details

VuXML ID 2de14f7a-dad9-11d8-b59a-00061bc2ad93
Discovery 2004-07-14
Entry 2004-07-21
Modified 2008-09-26

Evgeny Demidov discovered that the Samba server has a buffer overflow in the Samba Web Administration Tool (SWAT) on decoding Base64 data during HTTP Basic Authentication. Versions 3.0.2 through 3.0.4 are affected.

Another buffer overflow bug has been found in the code used to support the "mangling method = hash" smb.conf option. The default setting for this parameter is "mangling method = hash2" and therefore not vulnerable. Versions between 2.2.0 through 2.2.9 and 3.0.0 through 3.0.4 are affected.

References

CVE Name CVE-2004-0600
CVE Name CVE-2004-0686
Message web-53121174@cgp.agava.net
Message 200407222031.25086.bugtraq@beyondsecurity.com
URL http://secunia.com/advisories/12130
URL http://www.osvdb.org/8190
URL http://www.osvdb.org/8191
URL http://www.samba.org/samba/whatsnew/samba-2.2.10.html
URL http://www.samba.org/samba/whatsnew/samba-3.0.5.html