Samba *NOT* vulnerable. MS security bug - Microsoft Server Message Block Remote Code Execution / MS05-011

Jeremy Allison jra at samba.org
Sun Jun 26 20:36:07 GMT 2005


Hi all,

	Now that someone has published exploit code for this bug, I've finally
been able to take a look at it and I've confirmed that Samba is not vulnerable
to this. It's actually an exploit which takes place on the client side by causing
an SMB server to return a trans2 packet that causes a memcpy overflow in the
Microsoft client code.

Just before someone asks (I knew someone was going to :-).

Jeremy.


More information about the samba-technical mailing list