[jcifs] Samba SMB password buffer overflow

Girish girish at fusion-software.com
Sat Nov 27 11:09:29 MST 2010

I am getting an error on Production Server. 
Every thing works perfectly on UAT. 
How do i update samba 
version or what setting i have to do.


Samba SMB password buffer overflow 
(SMB password overflow) 
About this signature or vulnerability

Default risk level


Sensors that have this signature

BlackICE: 1.0

Systems affected

IBM AIX, WindRiver BSDOS, SGI IRIX, Linux Kernel, 
Sun Solaris, Samba Samba, IBM OS2, Microsoft
 Windows 95, Data General DG/UX, 
Microsoft Windows NT: 4.0, 
Microsoft Windows 98, Novell NetWare, 
SCO SCO Unix, Microsoft Windows 98SE, 
Microsoft Windows 2000, Cisco IOS,
Microsoft Windows Me, 
Compaq Tru64, Microsoft Windows XP, 
SCO Caldera OpenLinux Lite: 1.1, 
SCO Caldera OpenLinux Base: 
1.1, SCO Caldera OpenLinux Standard: 1.1, 
Apple Mac OS,
Microsoft Windows 2003 Server


Unauthorized Access Attempt

Vulnerability description

Samba NetBIOS is vulnerable to a buffer overflow attack. 
By submitting a specially formatted password 
that exceeds the length expected by Samba,
 an attacker can overflow a buffer and cause the server to 
execute arbitrary code on the system with root privileges. 
In order for an attacker to do this, a valid SMB 
session must be negotiated and 
a valid username must be used.

How to remove this vulnerability

Upgrade to the latest version of Samba (2.0.7 or later), 
available from the Samba Web site. 

For Caldera OpenLinux Base 1.1, Lite 1.1 and Standard 1.1:
Upgrade to the latest samba package (1.9.16p7-1 or later) 
as listed in Caldera Systems, Inc. 
Advisory SA-1997.24. See References.

— OR —

Upgrade to the lastest version of Samba (1.9.17p2 or later), 
as listed in CERT Vendor-Initiated Bulletin 
97.10. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

More information about the jCIFS mailing list