Samba smbclient Format String Bug May Let Users Execute Arbitrary Code
|
SecurityTracker Alert ID: 1022441 |
SecurityTracker URL: http://securitytracker.com/id/1022441
|
CVE Reference:
CVE-2009-1886
(Links to External Site)
|
Date: Jun 24 2009
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.2.0 - 3.2.12
|
Description:
A vulnerability was reported in Samba. A remote user may be able to cause arbitrary code to be executed on the target system in certain cases.
In cases where a script passes data supplied by a remote user as a command parameter to smbclient, a remote user may be able to supply a specially crafted value containing format string characters to cause smbclient to execute arbitrary code.
Reinhard Nissl reported this vulnerability.
|
Impact:
A remote user may be able to execute arbitrary code on the target system.
|
Solution:
The vendor has issued a fix (3.2.13).
The vendor's advisory is available at:
http://samba.org/samba/security/CVE-2009-1886.html
|
Vendor URL: samba.org/samba/security/CVE-2009-1886.html (Links to External Site)
|
Cause:
Input validation error, State error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|