[jcifs] Samba SMB password buffer overflow
Girish
girish at fusion-software.com
Sat Nov 27 11:09:29 MST 2010
I am getting an error on Production Server.
Every thing works perfectly on UAT.
How do i update samba
version or what setting i have to do.
<filter>
<filter-name>NtlmHttpFilter</filter-name>
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>xxx</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>xxx</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.username</param-name>
<param-value>xxx</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.password</param-name>
<param-value>xxx</param-value>
</init-param>
<init-param>
<param-name>jcifs.util.loglevel</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>NtlmHttpFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Samba SMB password buffer overflow
(SMB password overflow)
About this signature or vulnerability
BlackICE:
http://www.networkice.com/advice/Intrusions/2000504
Default risk level
High
Sensors that have this signature
BlackICE: 1.0
Systems affected
IBM AIX, WindRiver BSDOS, SGI IRIX, Linux Kernel,
Sun Solaris, Samba Samba, IBM OS2, Microsoft
Windows 95, Data General DG/UX,
Microsoft Windows NT: 4.0,
Microsoft Windows 98, Novell NetWare,
SCO SCO Unix, Microsoft Windows 98SE,
Microsoft Windows 2000, Cisco IOS,
Microsoft Windows Me,
Compaq Tru64, Microsoft Windows XP,
SCO Caldera OpenLinux Lite: 1.1,
SCO Caldera OpenLinux Base:
1.1, SCO Caldera OpenLinux Standard: 1.1,
Apple Mac OS,
Microsoft Windows 2003 Server
Type
Unauthorized Access Attempt
Vulnerability description
Samba NetBIOS is vulnerable to a buffer overflow attack.
By submitting a specially formatted password
that exceeds the length expected by Samba,
an attacker can overflow a buffer and cause the server to
execute arbitrary code on the system with root privileges.
In order for an attacker to do this, a valid SMB
session must be negotiated and
a valid username must be used.
How to remove this vulnerability
Upgrade to the latest version of Samba (2.0.7 or later),
available from the Samba Web site.
See
References.
For Caldera OpenLinux Base 1.1, Lite 1.1 and Standard 1.1:
Upgrade to the latest samba package (1.9.16p7-1 or later)
as listed in Caldera Systems, Inc.
Security
Advisory SA-1997.24. See References.
— OR —
Upgrade to the lastest version of Samba (1.9.17p2 or later),
as listed in CERT Vendor-Initiated Bulletin
97.10. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
More information about the jCIFS
mailing list