Intrusion Prevention



This indicates an attack attempt against a heap-based buffer-overflow
vulnerability in Samba server.
The vulnerability is caused by improper bounds checking in the
"lsa_io_privilege_set" function. By sending a specially crafted RPC request
to the LSA RPC interface, a remote attacker could overflow a buffer and
execute arbitrary code on a vulnerable system.

Affected Products

Samba 3.0.25rc3 and prior versions.


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch for this vulnerability or upgrade to the latest version of Samba (3.0.25 or later).

CVE References