Subject: Potential Buffer Overrun in SWAT

CVE #: CAN-2004-0600

Affected Versions: Samba 3.0.2 - 3.0.4

Description
-----------

The internal routine used by the Samba Web Administration Tool (SWAT v3.0.2 and later) to decode the base64 data during HTTP basic authentication is subject to a buffer overrun caused by an invalid base64 character.

It is recommended that all Samba v3.0.2 or later installations running SWAT either (a) upgrade to v3.0.5, or (b) disable the swat administration service as a temporary workaround.

This same code is used internally to decode the sambaMungedDial attribute value when using the ldapsam passdb backend. While we do not believe that the base64 decoding routines used by the ldapsam passdb backend can be exploited, sites using an LDAP directory service with Samba are strongly encouraged to verify that the DIT only allows write access to sambaSamAccount attributes by a sufficiently authorized user.

Credits
-------

The Samba Team would like to heartily thank Evgeny Demidov for analyzing and reporting this bug.

-- Our Code, Our Bugs, Our Responsibility.
-- The Samba Team
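The advisory's root cause is a base64 decoder that does not stop cleanly on a character outside the alphabet. The following is an added illustration, not Samba's routine, of the two checks a decoder handling untrusted HTTP Basic credentials needs: reject any byte that is not in the base64 alphabet instead of continuing, and bounds-check the output buffer before every write. The function names `b64_decode_checked` and `decode_matches` are hypothetical; the inputs in the test are constructed.

```c
#include <stddef.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Decode base64 text from src into dst, which has room for dstlen bytes.
 * Returns the number of bytes written, or -1 if src contains a character
 * outside the alphabet, misplaced or truncated padding, or if the output
 * would exceed dstlen. Hypothetical hardened decoder, not Samba's code. */
long b64_decode_checked(const char *src, unsigned char *dst, size_t dstlen)
{
    unsigned int acc = 0;
    int bits = 0;
    size_t out = 0, pad = 0, len = 0;

    for (; *src != '\0'; src++) {
        if (*src == '=') { pad++; continue; }
        if (pad) return -1;                 /* data after '=' is malformed */
        const char *p = strchr(B64, *src);
        if (p == NULL) return -1;           /* invalid character: stop decoding */
        len++;
        acc = ((acc << 6) | (unsigned int)(p - B64)) & 0xFFFFu;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (out >= dstlen) return -1;   /* bounds check before every write */
            dst[out++] = (unsigned char)((acc >> bits) & 0xFFu);
        }
    }
    if (pad > 2 || (len + pad) % 4 != 0) return -1;   /* reject partial groups */
    return (long)out;
}

/* Helper: decode src into a cap-byte buffer and compare with expected.
 * Returns 1 when the decoded bytes equal expected, 0 when they differ,
 * and -1 when the decoder rejected the input. */
int decode_matches(const char *src, const char *expected, size_t cap)
{
    unsigned char buf[64];
    if (cap > sizeof(buf)) cap = sizeof(buf);
    long n = b64_decode_checked(src, buf, cap);
    if (n < 0) return -1;
    return ((size_t)n == strlen(expected) &&
            memcmp(buf, expected, (size_t)n) == 0) ? 1 : 0;
}
```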