Samba Repels Three Bugs with New Release

May 16, 2007

Vulnerabilities have been uncovered in Samba, the popular file-and-print software.

The makers of Samba have patched a serious flaw in their open-source software that could be exploited remotely by hackers to inject code with nobody user privileges.

Samba is a suite of software for Unix and Linux operating systems that allows Windows clients to print files using a Linux or Unix machine.

The bug, as well as two other vulnerabilities, are addressed in Monday's release of Samba 3.0.25. In the case of the most critical flaw, Samba officials said in an advisory that unescaped user input parameters are passed as arguments to /bin/sh - a situation that allows for remote command execution.

Successful exploitation of this vulnerability allows an attacker to run arbitrary shell commands with the privileges of the nobody user, according to researchers at iDefense Labs, based in Sterling, Va.

"If the administrator has configured the Samba server to translate Windows account names to Unix account names, an unauthenticated user can run arbitrary shell commands," said Richard Howard, director of security intelligence at VeriSign. "The vulnerability is trivial to exploit even on systems that employ NX and ASLR."

Officials at iDefense noted that the vulnerability occurs within a non-default configuration of Samba. Specifically, the "username map script" option must be defined in the smb.conf file, officials said.

A second problem is that Samba's NDR parsing can allow a user to send Microsoft Remote Procedure Call requests that will overwrite the heap space with user defined data, Samba officials warned in an advisory.

The final flaw patched in the release is a bug in the local SID/Name translation routines that can result in an attacker issuing SMB/CIFS protocol operations as root.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Body by smartphone

add to favorites email to friend print save as pdf

Related Stories

Serious Samba Problems

May 17, 2007

Three critical bugs in the popular open-source program allow for system compromise.

Recommended for you

Body by smartphone

17 hours ago

We love our smartphones. Since they marched out of the corporate world and into the hands of consumers about 10 years ago, we've relied more and more on our iPhone and Android devices to organize our schedules, ...

Breakthrough elastic cloud-to cloud networking

19 hours ago

Scientists from AT&T, IBM and Applied Communication Sciences (ACS) announced a proof-of-concept technology that reduces set up times for cloud-to-cloud connectivity from days to seconds. This advance is a major step forward ...

Security CTO to detail Android Fake ID flaw at Black Hat

Jul 29, 2014

Where have you heard this before: A team of security researchers discover a security flaw in Android devices. This is, however, news. This time, experts are talking about a flaw that involves a widespread ...

Software provides a clear overview in long documents

Jul 25, 2014

In the future, a software will help users better analyze long texts such as the documents for calls for bids, which are often more than one thousand pages long. Experts at Siemens' global research unit Corporate ...

User comments : 0