AOH :: HP Unsorted B :: BX3345.HTM

Boundary failure when parsing SMB responses
CVE-2008-1105 - Boundary failure when parsing SMB responses
CVE-2008-1105 - Boundary failure when parsing SMB responses

Hash: SHA1

============================================================ Subject:     Boundary failure when parsing SMB responses
==              can result in a buffer overrun
=== CVE ID#:     CVE-2008-1105
=== Versions:    Samba 3.0.0 - 3.0.29 (inclusive)
=== Summary:     Specifically crafted SMB responses can result
==              in a heap overflow in the Samba client code.
==              Because the server process, smbd, can itself
==              act as a client during operations such as
==              printer notification and domain authentication,
==              this issue affects both Samba client and server
==              installations.
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in smbd.  This defect is
is a result of an incorrect buffer size when parsing SMB
replies in the routine receive_smb_raw().

=================Patch Availability
A patch addressing this defect has been posted to 

Additionally, Samba 3.0.30 has been issued as a security
release to correct the defect.  Samba administrators are
advised to upgrade to 3.0.30 or apply the patch as soon
as possible.

This vulnerability was reported to Samba developers by
Alin Rad Pop, Secunia Research.

The time line is as follows:

* May 15, 2008: Initial report to 
* May 15, 2008: First response from Samba developers confirming
  the bug along with a proposed patch.
* May 28, 2008: Public security advisory made available.

=========================================================== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
=========================================================-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to