"Samba.Receive.Smb.Raw.Buffer.Overflow"
- 特征库ID:
15625
- 漏洞级别:
high
- CVE ID:
CVE-2008-1105
- 建议的动作:
pass
- 受影响的系统:
All
- 协议:
tcp
攻击漏洞描述
这表明试图利用 Samba 中的缓冲区溢出漏洞。此漏洞是由于“receive_smb_raw()”[lib/util_sock.c] 函数在处理 SMB 数据包时未能正确检查用户提供的数据的边界。远程攻击者可以通过发送过大的 SMB 数据包来利用这一点。
影响范围
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
Samba Samba 3.0.29
Samba Samba 3.0.28 a
rPath rPath Linux 2
rPath rPath Linux 1
rPath Appliance Platform Linux Service 1
RedHat Fedora 9 0
RedHat Fedora 8 0
RedHat Fedora 7 0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4.5.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4.5.z
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
解决办法
应用来自供应商的最新更新:http://www.samba.org/samba/ftp/stable/samba-3.0.30.tar.gz。
文档评价
