samba: potential buffer overruns [LWN.net]

Package(s):

samba

CVE #(s):

CAN-2004-0600 CAN-2004-0686

Created:

July 22, 2004

Updated:

September 2, 2004

Description:

According to this Samba advisory, Evgeny Demidov discovered that the Samba SMB/CIFS server has a buffer overflow bug in the Samba Web Administration Tool (SWAT) on decoding Base64 data during HTTP Basic Authentication. Samba versions between 3.0.2 through 3.0.4 are affected. (CAN-2004-0600)

Another buffer overflow bug has been located in the Samba code used to support the "mangling method = hash" functionality. The default setting for this parameter is "mangling method = hash2" and therefore Samba is not vulnerable by default. Samba versions between 2.2.0 through 2.2.9 and 3.0.0 through 3.0.4 are affected. (CAN-2004-0686)

Alerts:

Fedora	FEDORA-2004-285	2004-09-02
Fedora	FEDORA-2004-284	2004-09-02
Whitebox	WBSA-2004:259-01	2004-08-19
Conectiva	CLA-2004:854	2004-07-30
Gentoo	200407-21	2004-07-29
Trustix	TSLSA-2004-0039	2004-01-05
Red Hat	RHSA-2004:404-01	2004-07-26
Slackware	SSA:2004-207-01	2004-07-25
tinysofa	TSSA-2004-014	2004-07-23
SuSE	SUSE-SA:2004:022	2004-07-23
Netwosix	NW-2004-0015	2004-07-23
Mandrake	MDKSA-2004:071	2004-07-22
Conectiva	CLA-2004:851	2004-07-22
Red Hat	RHSA-2004:259-01	2004-07-22
OpenPKG	OpenPKG-SA-2004.033	2004-07-22

(Log in to post comments)

samba: potential buffer overruns

Posted Jul 30, 2004 23:28 UTC (Fri) by abartlet (subscriber, #3928) [Link]

To be clear - the default setting in Samba 3.0 is 'hash2', but in Samba 2.2 it is 'hash' (the one with the problem).

Andrew Bartlett
Samba Team