CVE-2008-1105

Published: 29/05/2008 Updated: 29/08/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 up to and including 3.0.29 allows remote malicious users to execute arbitrary code via a crafted SMB response.

Vulnerable Product

samba samba

canonical ubuntu linux 7.04

canonical ubuntu linux 7.10

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

debian debian linux 4.0

Vendor Advisories

Debian Bug report logs - #483410. CVE-2008-1105: Boundary failure when parsing SMB responses can result in a buffer overrun. Package: samba; Maintainer for samba is Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>; Source for samba is src:samba (PTS, buildd, popcon). Reported by: Christian Perrier <bubulle@ ...

Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service (CVE-2007-4572) ...

USN-617-1 fixed vulnerabilities in Samba. The upstream patch introduced a regression where under certain circumstances accessing large files might cause the client to report an invalid packet length error. This update fixes the problem ...

Alin Rad Pop discovered that Samba contained a buffer overflow condition when processing certain responses received while acting as a client, leading to arbitrary code execution (CVE-2008-1105). For the stable distribution (etch), this problem has been fixed in version 3.0.24-6etch10. For the unstable distribution (sid), this problem has been fixed ...

Exploits

#!/usr/bin/perl
# 06/01/2008 - k`sOSe
#
# ~ # smbclient //localhost/w00t
# *** glibc detected *** smbclient: free(): invalid next size (fast): 0x0823c2d8 ***
#
use warnings;
use strict;
use IO::Socket;

my $sock = IO::Socket::INET->new(LocalAddr => '0.0.0.0', LocalPort => '445', Listen => 1, Reuse => 1) || die($!);
while(my $csock ...

References

CWE-119
http://secunia.com/secunia_research/2008-20/advisory/
http://www.samba.org/samba/security/CVE-2008-1105.html
http://www.securityfocus.com/bid/29404
http://securitytracker.com/id?1020123
http://secunia.com/advisories/30228
http://secunia.com/advisories/30385
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html
http://secunia.com/advisories/30543
http://secunia.com/advisories/30489
http://secunia.com/advisories/30736
http://support.apple.com/kb/HT2163
http://secunia.com/advisories/31246
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
http://www.ubuntu.com/usn/usn-617-2
http://secunia.com/advisories/30835
http://secunia.com/advisories/30802
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://www.ubuntu.com/usn/usn-617-1
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf
http://secunia.com/advisories/31911
http://www.securityfocus.com/bid/31255
http://secunia.com/advisories/30396
http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1
http://secunia.com/advisories/33696
http://secunia.com/advisories/30478
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html
http://secunia.com/advisories/30449
http://www.debian.org/security/2008/dsa-1590
http://wiki.rpath.com/Advisories:rPSA-2008-0180
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951
http://www.redhat.com/support/errata/RHSA-2008-0289.html
http://www.redhat.com/support/errata/RHSA-2008-0290.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:108
http://www.redhat.com/support/errata/RHSA-2008-0288.html
http://secunia.com/advisories/30442
http://security.gentoo.org/glsa/glsa-200805-23.xml
http://www.vupen.com/english/advisories/2008/2222/references
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2008/1908
http://www.vupen.com/english/advisories/2008/2639
http://www.vupen.com/english/advisories/2008/1681
https://exchange.xforce.ibmcloud.com/vulnerabilities/45251
https://exchange.xforce.ibmcloud.com/vulnerabilities/42664
https://www.exploit-db.com/exploits/5712
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020
http://www.securityfocus.com/archive/1/492903/100/0/threaded
http://www.securityfocus.com/archive/1/492737/100/0/threaded
http://www.securityfocus.com/archive/1/492683/100/0/threaded
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410
https://nvd.nist.gov
https://usn.ubuntu.com/617-1/
https://www.exploit-db.com/exploits/5712/