Buffer overflow?

Benjamin Kuit bj at it.uts.edu.au
Sun Jan 20 21:26:02 GMT 2002

I've been playing with samba for a couple of weeks now, and recently
in the browse lists a funny looking domain/workgroup has been appearing,
funny in the sense that it's name contains nothing but 8 bit chars.

The respective line in browse.dat looks like this:
"\261\350\310\361\274\261"                   80001000  "\261\350\310\361\274\261"                      "\261\350\310\361\274\261"

I've used smbclient -L <server> on browse masters that I know of, to
try and find the source of this name, but only browse lists coming from
samba servers has this entry in them.

I've tried snoop and tcpdump to find the source, but to no avail.

Just wondering though, would this entry be the result of a buffer

Any tests that I could try to prove or disprove it?

Samba 2.2 cvs on solaris2.8.

Thanks in advance


|      Benjamin (Bj) Kuit       |  Building 4, 447                     |
|      Systems Programmer       |  Faculty of Information Technology   |
|      Phone: 02 9514 1841      |  University of Technology, Sydney    |
|      Mobile: 0416 184 972     |  Email: bj at it.uts.edu.au             |

More information about the samba-technical mailing list