Bugtraq mailing list archives
Samba 3.x swat preauthentication buffer overflow
From: "Evgeny Demidov" <demidov () gleg net>
Date: Thu, 22 Jul 2004 19:05:55 +0400
Name: Samba 3.x swat preauthentication buffer overflow
Date: 22 Jule 2004 CVE candidate: CAN-2004-0600 Author: Evgeny Demidov Description:There exists a remote preauthentication buffer overflow in Samba 3.x swat administration service. All version of Samba 3.0.2-3.0.4 are vulnerable to our knowledge.
Fix:Samba 3.0.5 which fixes this problem is available: http://www.samba.org/samba/whatsnew/samba-3.0.5.html
History:28 April 2004 - vulnerability has been discovered during Samba source code audit by Evgeny Demidov 29 April 2004 - vulnerability details has been made available to VulnDisco clients 14 Jule 2004 - vulnerability has been reported to Samba Team
22 Jule 2004 - public release of the advisory
Current thread:
- Samba 3.x swat preauthentication buffer overflow Evgeny Demidov (Jul 22)