Samba Repels Three Bugs with New Release

May 16, 2007

Vulnerabilities have been uncovered in Samba, the popular file-and-print software.

The makers of Samba have patched a serious flaw in their open-source software that could be exploited remotely by hackers to run code with the privileges of the nobody user.

Samba is a suite of software for Unix and Linux operating systems that lets Windows clients use files and printers hosted on a Linux or Unix machine.

The bug, as well as two other vulnerabilities, is addressed in Monday's release of Samba 3.0.25. In the case of the most critical flaw, Samba officials said in an advisory that unescaped user input parameters are passed as arguments to /bin/sh, a situation that allows remote command execution.

Successful exploitation of this vulnerability allows an attacker to run arbitrary shell commands with the privileges of the nobody user, according to researchers at iDefense Labs, based in Sterling, Va.

"If the administrator has configured the Samba server to translate Windows account names to Unix account names, an unauthenticated user can run arbitrary shell commands," said Richard Howard, director of security intelligence at VeriSign. "The vulnerability is trivial to exploit even on systems that employ NX and ASLR."

Officials at iDefense noted that the vulnerability occurs within a non-default configuration of Samba. Specifically, the "username map script" option must be defined in the smb.conf file, officials said.
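The two defensive checks that follow are an added example, not code from the article or from the Samba project. The first flags an smb.conf that enables the non-default "username map script" option the advisory names as the precondition for the flaw; the second shows the safe way to hand a client-supplied account name to an external helper, as a single argv element with no shell involved and only after an allowlist check, rather than interpolating it into a /bin/sh command line. The sample smb.conf, the script path and the allowlist pattern are constructed for the demo.

```python
"""Added example: audit for the 'username map script' precondition and a
shell-free way to invoke such a script. Not part of Samba or the article."""
import re
import subprocess

# Constructed sample smb.conf for the demo; not a real configuration.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE
   server string = file server
   ; non-default option that makes the flaw reachable
   Username Map Script = /usr/local/sbin/map_user.sh

[share]
   path = /srv/share
"""


def _normalize_key(key: str) -> str:
    # Samba parameter names are case-insensitive and ignore internal whitespace
    return re.sub(r"\s+", "", key).lower()


def parse_smb_conf(text: str) -> dict:
    """Minimal smb.conf parser: returns {section: {normalized_key: value}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        sections[current][_normalize_key(key)] = value.strip()
    return sections


def audit_smb_conf(text: str) -> list:
    """Return findings (strings) for risky settings; empty list means nothing flagged."""
    findings = []
    global_section = parse_smb_conf(text).get("global", {})
    script = global_section.get("usernamemapscript")
    if script:
        findings.append(
            f"username map script is set ({script}); this non-default option "
            "exposed the remote command execution flaw fixed in Samba 3.0.25"
        )
    return findings


# Allowlist for account names passed to a helper (assumption for the demo):
# letters, digits, dot, underscore, hyphen and backslash (DOMAIN\user), max 64 chars.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9._\\-]{1,64}$")


def is_safe_account_name(name: str) -> bool:
    """True if the name contains only allowlisted characters."""
    return _SAFE_NAME.match(name) is not None


def build_username_map_argv(script: str, windows_name: str) -> list:
    """Return the argv list for invoking the map script without a shell.

    The name travels as one argv element, so shell metacharacters in it are
    never interpreted; names outside the allowlist are rejected outright.
    """
    if not is_safe_account_name(windows_name):
        raise ValueError("rejected account name containing disallowed characters")
    return [script, windows_name]


def run_username_map(script: str, windows_name: str) -> str:
    """Run the map script (no shell) and return the mapped Unix name it prints."""
    argv = build_username_map_argv(script, windows_name)
    result = subprocess.run(argv, capture_output=True, text=True, check=True)
    return result.stdout.strip()


if __name__ == "__main__":
    for finding in audit_smb_conf(SAMPLE_SMB_CONF):
        print("FINDING:", finding)
    print(build_username_map_argv("/usr/local/sbin/map_user.sh", "EXAMPLE\\alice"))
```

The audit only recognises the option in the [global] section, which is where Samba reads it; the normalisation step matters because Samba accepts the parameter name in any case and with or without spaces, so a naive string search for `username map script` would miss variants such as the one in the sample.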

A second problem is that Samba's NDR parsing can allow a user to send Microsoft Remote Procedure Call requests that overwrite heap space with user-defined data, Samba officials warned in an advisory.

The final flaw patched in the release is a bug in the local SID/Name translation routines that can result in an attacker issuing SMB/CIFS protocol operations as root.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International
