Nortel Response to Sun Alert 249086 - Security Vulnerability in Solaris samba(7) Specially Crafted Packet
| Description: |
Sun Microsystems has recently released Sun Alert 249086 - Security Vulnerability in samba(7) Specially Crafted Packet May Allow Execution of Arbitrary Code With Root Privileges. According to Sun, a heap-based buffer overflow in the Samba client (SMBCLIENT(1)) may allow a remote unprivileged user to execute arbitrary code using a crafted SMB response. Since the Samba daemon (smbd(1M)) can also act as the client during operations such as printer notification and domain authentication, this issue affects both the Samba client and server. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. Sun Alert 249086 is available at: http://sunsolve.sun.com/search/document.do?assetkey=1-66-249086-1 This bulletin addresses the following CVE: 1. CVE-2008-1105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories |
| Type: |
Security Advisories |
| Number: |
2009009315, Rev 1 |
| Status: |
Retired |
| Date: |
2009-08-27 |
