[Security Problem] --with-tdbsam

Jeremy Allison jra at samba.org
Mon Jul 1 14:09:02 GMT 2002

On Mon, Jul 01, 2002 at 09:39:46PM +0900, Yasuma Takeda wrote:
> In Samba-JP, "buffer overflow" problem was reported.
> If samba is configured with "--with-tdbsam", init_sam_from_buffer function
> contains a buffer overflow vulnerability.
> In a certain case, user can use this vulnerability by changing his password.
> Please examine this security problem and take measures to be necessary.

Can you send more details please to samba-security at samba.org, and CC:
samba-team at samba.org.

I don't immediately see the problem this patch is fixing and need to
understand it before I can apply it.

Thanks for pointing this out,


More information about the samba-technical mailing list