[jcifs] Samba SMB password buffer overflow

Girish girish at fusion-software.com
Sat Nov 27 11:09:29 MST 2010


I am getting an error on the production server.
Everything works perfectly on UAT.
How do I update the Samba version, or what setting do I have to change?


<filter>
    <filter-name>NtlmHttpFilter</filter-name>
    <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
    <init-param>
        <param-name>jcifs.http.domainController</param-name>
        <param-value>xxx</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.smb.client.domain</param-name>
        <param-value>xxx</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.smb.client.username</param-name>
        <param-value>xxx</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.smb.client.password</param-name>
        <param-value>xxx</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.util.loglevel</param-name>
        <param-value>10</param-value>
    </init-param>
</filter>

<filter-mapping>
    <filter-name>NtlmHttpFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>



Samba SMB password buffer overflow 
(SMB password overflow) 
About this signature or vulnerability
BlackICE: http://www.networkice.com/advice/Intrusions/2000504

Default risk level

High

Sensors that have this signature

BlackICE: 1.0

Systems affected

IBM AIX, WindRiver BSDOS, SGI IRIX, Linux Kernel, Sun Solaris,
Samba Samba, IBM OS2, Microsoft Windows 95, Data General DG/UX,
Microsoft Windows NT: 4.0, Microsoft Windows 98, Novell NetWare,
SCO SCO Unix, Microsoft Windows 98SE, Microsoft Windows 2000,
Cisco IOS, Microsoft Windows Me, Compaq Tru64, Microsoft Windows XP,
SCO Caldera OpenLinux Lite: 1.1, SCO Caldera OpenLinux Base: 1.1,
SCO Caldera OpenLinux Standard: 1.1, Apple Mac OS,
Microsoft Windows 2003 Server

Type

Unauthorized Access Attempt

Vulnerability description

Samba NetBIOS is vulnerable to a buffer overflow attack.
By submitting a specially formatted password that exceeds the length
expected by Samba, an attacker can overflow a buffer and cause the
server to execute arbitrary code on the system with root privileges.
In order for an attacker to do this, a valid SMB session must be
negotiated and a valid username must be used.

How to remove this vulnerability

Upgrade to the latest version of Samba (2.0.7 or later),
available from the Samba Web site. See References.

For Caldera OpenLinux Base 1.1, Lite 1.1 and Standard 1.1:
Upgrade to the latest samba package (1.9.16p7-1 or later)
as listed in Caldera Systems, Inc. Security Advisory SA-1997.24.
See References.

— OR —

Upgrade to the latest version of Samba (1.9.17p2 or later),
as listed in CERT Vendor-Initiated Bulletin 97.10. See References.

For other distributions:
Contact your vendor for upgrade or patch information.





