Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Unix :: General :: smbval-1.htm

Smbval library exploitable buffer overflows



    smbval library


    Patrick  Michael  Kane  found  following.   While  working  on his
    Authen::Smb  wrapper,  which  provides  SMB authentication to UNIX
    hosts via  perl, Patrick  discovered that  the library  that it is
    based  on,  smbvalid.a  (originally  written  by  Richard  Sharpe,
    patched by many folks through  time -- available from a  number of
    places  via  http/ftp),  has   a  number  of  exploitable   buffer
    overflows.  The  username and password  arrays, among others,  are
    vulnerable  to  overflow.   Remotely  accessible applications that
    rely on the smbvalid library for authentication may be  vulnerable
    to   remote   attack.    At   this   time,   Apache::AuthenSmb,  a
    mod_perl-based  authentication  module  for  Apache,  is  the only
    formal  application  I  am  aware  of  that is vulnerable.  Custom
    developed   applications   should   be   examined   for   possible

    pam_smb, which is also built around smbvalid, does _not_ apper  to
    be vulnerable to attacks.


    Authen::Smb 0.9 has been released which addresses this problem and
    is available via  CPAN.  No  patches are available  to correct the
    problem in the library itself at this time.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH