[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution

Gerald (Jerry) Carter jerry at samba.org
Sun May 13 22:52:52 GMT 2007

Spam detection software, running on the system "mail.montanhydraulik.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
postmaster for details.

Content preview:  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
  ========================================================== == ==
  Subject: Multiple Heap Overflows Allow Remote == Code Execution == CVE
  ID#: CVE-2007-2446 == == Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
  == == Summary: Various bugs in Samba's NDR parsing == can allow a user
  to send specially == crafted MS-RPC requests that will == overwrite the
  heap space with user == defined data. ==
  ========================================================== [...] 

Content analysis details:   (5.4 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.1 FORGED_RCVD_HELO       Received: contains a forged HELO
 1.2 DATE_IN_PAST_12_24     Date: is 12 to 24 hours before Received: date
 2.0 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP address
                            [ listed in dnsbl.sorbs.net]
 1.9 RCVD_IN_NJABL_DUL      RBL: NJABL: dialup sender did non-local SMTP
                            [ listed in combined.njabl.org]

-------------- next part --------------
An embedded message was scrubbed...
From: "Gerald (Jerry) Carter" <jerry at samba.org>
Subject: [SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote
	Code Execution
Date: Sun, 13 May 2007 17:52:52 -0500
Size: 5760
Url: http://lists.samba.org/archive/samba-announce/attachments/20070513/517b268c/attachment.eml

More information about the samba-announce mailing list