Samba Patches Buffer Overflows
Page 1 of 1
The Samba Project has issued a fix for a pair of buffer overflow flaws that could lead to a malicious system compromise.
The flaws, which have been rated by research firm Secunia as "moderately critical," affect Samba versions 2.x and Samba 3.x. Both issues have been fixed in Samba 3.0.5, which can be downloaded here.
In an online advisory,
the project said the first vulnerability was caused due to a boundary error when decoding
base64 data during HTTP basic authentication. This could be exploited to cause a buffer
The second flaw, which could also cause a buffer overflow, was discovered in the code used to handle "mangling method = hash".
Buffer overflows are the most common cause of malicious hacker break-ins. Attackers typically launch buffer overflows wherein data with instructions to corrupt a system are purposely written into a file in full knowledge that the data will overflow a buffer and cause data corruption.