Samba - Security Announcement Archive

CAN-2004-0686: Potential Buffer Overrun in Samba 3.0.x <= 3.0.4

Subject:	Potential Buffer Overrun in smbd
CVE #:		CAN-2004-0686
Affected
Versions:	Samba 3.0.x <= 3.0.4


Description
-----------

A buffer overrun has been located in the code used to support
the 'mangling method = hash' smb.conf option.  Please be aware
that the default setting for this parameter is 'mangling method
= hash2' and therefore not vulnerable.

Affected Samba 3 installations can avoid this possible security
bug by using the default hash2 mangling method.  Server
installations requiring the hash mangling method are encouraged
to upgrade to Samba 3.0.5.


Protecting Unpatched Servers
----------------------------

The Samba Team always encourages users to run the latest stable
release as a defense of against attacks.  However, under certain
circumstances it may not be possible to immediately upgrade
important installations.  In such cases, administrators should
read the "Server Security" documentation found at
http://www.samba.org/samba/docs/server_security.html.


Credits
--------

This defect was located by Samba developers during a routine
code audit.


--
Our Code, Our Bugs, Our Responsibility.

				-- The Samba Team