Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 up to and including 3.0.27a, when the "domain logons" option is enabled, allows remote malicious users to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
samba samba 2.0.1 |
||
samba samba 2.0.7 |
||
samba samba 2.0.8 |
||
samba samba 2.2.3 |
||
samba samba 2.2.3a |
||
samba samba 2.2.8a |
||
samba samba 2.2.9 |
||
samba samba 3.0.13 |
||
samba samba 3.0.14 |
||
samba samba 3.0.21b |
||
samba samba 3.0.21c |
||
samba samba 3.0.25 |
||
samba samba 3.0.25c |
||
samba samba 3.0.26 |
||
samba samba 2.0.3 |
||
samba samba 2.0.4 |
||
samba samba 2.2.0a |
||
samba samba 2.2.11 |
||
samba samba 2.2.6 |
||
samba samba 2.2.7 |
||
samba samba 3.0.1 |
||
samba samba 3.0.10 |
||
samba samba 3.0.20 |
||
samba samba 3.0.20a |
||
samba samba 3.0.20b |
||
samba samba 3.0.23b |
||
samba samba 3.0.23c |
||
samba samba 2.0.10 |
||
samba samba 2.0.2 |
||
samba samba 2.0.9 |
||
samba samba 2.2.0 |
||
samba samba 2.2.4 |
||
samba samba 2.2.5 |
||
samba samba 3.0.0 |
||
samba samba 3.0.14a |
||
samba samba 3.0.2 |
||
samba samba 3.0.22 |
||
samba samba 3.0.23a |
||
samba samba 3.0.26a |
||
samba samba 3.0.27 |
||
samba samba 3.0.2a |
||
samba samba 2.0.5 |
||
samba samba 2.0.6 |
||
samba samba 2.2.12 |
||
samba samba 2.2.1a |
||
samba samba 2.2.2 |
||
samba samba 2.2.7a |
||
samba samba 2.2.8 |
||
samba samba 3.0.11 |
||
samba samba 3.0.12 |
||
samba samba 3.0.21 |
||
samba samba 3.0.21a |
||
samba samba 3.0.23d |
||
samba samba 3.0.24 |
||
samba samba 3.0.25a |
||
samba samba 3.0.25b |