Vulnerability Note VU#680260

pam_smb module contains remote buffer overflow

Overview

The pam_smb module contains a remotely exploitable buffer overflow vulnerability. This module is used to authenticate users using an external Server Message Block (SMB) server. A remote attacker may be able to exploit this vulnerability to run arbitrary commands on the system.

I. Description

The pam_smb module versions 1.1.6 and prior contain a remotely exploitable buffer overflow vulnerability in the processing of the password buffer. This module is used when a system is configured to authenticate users using an external Server Message Block (SMB) server.

II. Impact

An unauthenticated remote attacker may be able to exploit this vulnerability to run arbitrary commands on the system.

III. Solution

This problem is reportedly resolved in version 1.1.7 of the pam_smb module. Upgrade, or apply the patches provided by your vendor.

Systems Affected

Vendor	Status	Date Notified
Debian	Vulnerable	29-Aug-2003
Red Hat Inc.	Vulnerable	29-Aug-2003
Samba Team	Vulnerable	29-Aug-2003

References

http://www.secunia.com/advisories/9611/
http://us1.samba.org/samba/ftp/pam_smb/
https://rhn.redhat.com/errata/RHSA-2003-261.html

Credit

The Red Hat Security Team has recognized Dave Airlie of the Samba team for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

Date Public:	2003-08-26
Date First Published:	2003-08-29
Date Last Updated:	2003-08-29
CERT Advisory:
CVE-ID(s):	CAN-2003-0686
NVD-ID(s):	CAN-2003-0686
US-CERT Technical Alerts:
Metric:	8.44
Document Revision:	6

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader