Samba Repels Three Bugs with New Release

May 16, 2007

Vulnerabilities have been uncovered in Samba, the popular file-and-print software.

The makers of Samba have patched a serious flaw in their open-source software that could be exploited remotely by attackers to execute commands with the privileges of the nobody user.

Samba is a suite of software for Unix and Linux operating systems that allows Windows clients to use files and printers served by a Linux or Unix machine.

The bug, as well as two other vulnerabilities, is addressed in Monday's release of Samba 3.0.25. In the case of the most critical flaw, Samba officials said in an advisory that unescaped user input parameters are passed as arguments to /bin/sh, a situation that allows for remote command execution.

Successful exploitation of this vulnerability allows an attacker to run arbitrary shell commands with the privileges of the nobody user, according to researchers at iDefense Labs, based in Sterling, Va.

"If the administrator has configured the Samba server to translate Windows account names to Unix account names, an unauthenticated user can run arbitrary shell commands," said Richard Howard, director of security intelligence at VeriSign. "The vulnerability is trivial to exploit even on systems that employ NX and ASLR."

Officials at iDefense noted that the vulnerability occurs within a non-default configuration of Samba. Specifically, the "username map script" option must be defined in the smb.conf file, officials said.
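The flaw described above is a classic shell-injection pattern: a string taken from the client (the Windows account name) is spliced into a command line that is then handed to /bin/sh, so shell metacharacters in the name are interpreted. The following example is added here for illustration and is not Samba's code; it shows, in Python, the risky string-building pattern beside two hardened forms (passing the name as a separate argv element with no shell, or quoting it if a shell is unavoidable), and a small check that tells an administrator whether a given smb.conf defines the non-default "username map script" option at all. The smb.conf fragment and the script path /usr/local/bin/map_user.sh are constructed for the example.

```python
import re
import shlex
import subprocess

# Constructed sample smb.conf fragment (not from the article) that enables
# the non-default option the article describes. The script path is hypothetical.
SAMPLE_SMB_CONF = """
[global]
    workgroup = EXAMPLE
    ; mapping helper, for illustration only
    username map script = /usr/local/bin/map_user.sh
    log level = 1
"""


def username_map_script(conf_text):
    """Return the configured 'username map script' value, or None if unset.

    Minimal parser: blank lines and comment lines (starting with '#' or ';')
    are skipped, and the parameter name matches case-insensitively, as in
    smb.conf. Good enough for a quick configuration audit."""
    for line in conf_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#;":
            continue
        m = re.match(r"(?i)^username\s+map\s+script\s*=\s*(.*)$", stripped)
        if m:
            return m.group(1).strip()
    return None


def unsafe_command(script, account):
    """The risky pattern: the account name is spliced into one string that
    would be given to /bin/sh -c, so any shell metacharacters it contains
    (';', '|', '`', '$', ...) are interpreted by the shell."""
    return "%s %s" % (script, account)


def quoted_command(script, account):
    """Mitigation when a shell cannot be avoided: shlex.quote wraps the
    account name in single quotes so the shell treats it as one literal
    word, whatever characters it contains."""
    return "%s %s" % (script, shlex.quote(account))


def safe_argv(script, account):
    """Preferred hardened form: keep the account name as its own argv
    element. With no shell in the path, metacharacters are just bytes
    delivered to the script in sys.argv[1]."""
    return [script, account]


def run_map_script(script, account):
    """Execute the mapping script directly (shell=False), never via /bin/sh.
    Returns the CompletedProcess; output is the script's stdout."""
    return subprocess.run(safe_argv(script, account), shell=False,
                          capture_output=True, text=True, check=False)


if __name__ == "__main__":
    name = "alice; id"  # constructed account name carrying a metacharacter
    print("option set to:", username_map_script(SAMPLE_SMB_CONF))
    print("unsafe :", unsafe_command("/usr/local/bin/map_user.sh", name))
    print("quoted :", quoted_command("/usr/local/bin/map_user.sh", name))
    print("argv   :", safe_argv("/usr/local/bin/map_user.sh", name))
```

Pointing `username_map_script` at the live smb.conf tells you whether a server is even in the affected configuration; the argv form is the fix to look for in any code that launches helper programs with client-supplied data.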

A second problem is that Samba's NDR parsing can allow a user to send Microsoft Remote Procedure Call requests that will overwrite the heap space with user-defined data, Samba officials warned in an advisory.

The final flaw patched in the release is a bug in the local SID/Name translation routines that can result in an attacker issuing SMB/CIFS protocol operations as root.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International
