Samba Vulnerability Could Allow Harmful Code Injection
Secunia, the provider of security service, has reported that it has found a flaw in the Samba open source folder as well as in its print server. The vulnerability causes a stack-based buffer overflow that could let attackers inject an arbitrary code.
According to the Security Researchers at Secunia, the code insertion could be accomplished if Samba users are convinced to click on an e-mail link such as the smb:// link that leads to a specially crafted Samba server. By sending manipulated packets to the print server, the stack-based buffer overflow could be provoked.
Secunia also reports that the vulnerability exists in the client software but, according to an advisory from Samba, since the smbd server also behaves like a client sometimes, therefore both server and client ins...
» SPAMfighter News - 12-06-2008