Back to search
CVE-2008-1105
Published: May 29, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2008:0288
vendor-advisory
x_refsource_REDHAT
30478
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-4724
vendor-advisory
x_refsource_FEDORA
30396
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT2163
x_refsource_CONFIRM
30489
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2639
vdb-entry
x_refsource_VUPEN
1020123
vdb-entry
x_refsource_SECTRACK
30835
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1981
vdb-entry
x_refsource_VUPEN
30736
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:5733
vdb-entry
signature
x_refsource_OVAL
30385
third-party-advisory
x_refsource_SECUNIA
SSA:2008-149-01
vendor-advisory
x_refsource_SLACKWARE
31911
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1908
vdb-entry
x_refsource_VUPEN
RHSA-2008:0290
vendor-advisory
x_refsource_REDHAT
samba-receivesmbraw-bo(42664)
vdb-entry
x_refsource_XF
HPSBUX02341
vendor-advisory
x_refsource_HP
5712
exploit
x_refsource_EXPLOIT-DB
APPLE-SA-2008-06-30
vendor-advisory
x_refsource_APPLE
ADV-2008-2222
vdb-entry
x_refsource_VUPEN
FEDORA-2008-4797
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-4679
vendor-advisory
x_refsource_FEDORA
SSRT080075
vendor-advisory
x_refsource_HP
249086
vendor-advisory
x_refsource_SUNALERT
30449
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:108
vendor-advisory
x_refsource_MANDRIVA
30802
third-party-advisory
x_refsource_SECUNIA
33696
third-party-advisory
x_refsource_SECUNIA
30442
third-party-advisory
x_refsource_SECUNIA
30543
third-party-advisory
x_refsource_SECUNIA
20080528 [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
mailing-list
x_refsource_BUGTRAQ
30228
third-party-advisory
x_refsource_SECUNIA
USN-617-2
vendor-advisory
x_refsource_UBUNTU
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf
x_refsource_CONFIRM
USN-617-1
vendor-advisory
x_refsource_UBUNTU
31255
vdb-entry
x_refsource_BID
http://wiki.rpath.com/Advisories:rPSA-2008-0180
x_refsource_CONFIRM
20080529 Secunia Research: Samba "receive_smb_raw()" Buffer OverflowVulnerability
mailing-list
x_refsource_BUGTRAQ
GLSA-200805-23
vendor-advisory
x_refsource_GENTOO
http://secunia.com/secunia_research/2008-20/advisory/
x_refsource_MISC
SUSE-SA:2008:026
vendor-advisory
x_refsource_SUSE
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix
mailing-list
x_refsource_MLIST
oval:org.mitre.oval:def:10020
vdb-entry
signature
x_refsource_OVAL
xerox-controller-samba-code-execution(45251)
vdb-entry
x_refsource_XF
ADV-2008-1681
vdb-entry
x_refsource_VUPEN
RHSA-2008:0289
vendor-advisory
x_refsource_REDHAT
31246
third-party-advisory
x_refsource_SECUNIA
http://www.samba.org/samba/security/CVE-2008-1105.html
x_refsource_CONFIRM
29404
vdb-entry
x_refsource_BID
DSA-1590
vendor-advisory
x_refsource_DEBIAN
20080602 rPSA-2008-0180-1 samba samba-client samba-server samba-swat
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now