[Samba] [Samba 3.0.37] EnumPrinters memory consumption
Rowland Penny
rowlandpenny at googlemail.com
Mon May 18 12:52:44 MDT 2015
On 18/05/15 19:40, Gabriele Avosani wrote:
> Hello, i discovered a bug in EnumPrinters.
> It seems that it allocates many mega of memory, corrupting memory and
> taking control of a memcpy in parse_prs.c:398
>
> It leads to memory corruption, fatal (and fast) exhaustion of resources
> and, probably, remote code execution.
>
> I attach a file that can be used as a proof of concept.
>
>
> Gabriele Avosani
>
> (looking for remote work as programmer, if in need, email me at
> g.avosani at gmail.com (PHP, Perl, C/C++, Java and more))
>
>
I do not think you will get this fixed, 3.0.x went EOL at the end of
2009. If you are still using 3.0.37, can I suggest that you upgrade to a
later maintained release.
Rowland
More information about the samba
mailing list