OSVDB ID: 8190

Title: Samba SWAT HTTP Basic Auth base64 Overflow

Info

Dates

Disclosure: Jul 22, 2004
Discovery: Apr 28, 2004
Exploit: Unknown
Solution: Unknown

Description

A remote overflow exists in Samba. The Samba Web Administration Tool (SWAT) fails to perform proper bounds checking when decoding base64 data during HTTP basic authentication, resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity.
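A bounds-checked decode of the kind the description says was missing, given here as an added example: it is not Samba's SWAT code and does not reproduce the flaw. `CRED_MAX`, `b64_decode_bounded` and `parse_basic_auth` are hypothetical names, and the scheme match is simplified to the exact prefix `Basic `.

```c
#include <string.h>

#define CRED_MAX 128 /* assumed capacity for the decoded "user:password" */

/* Map a base64 character to its 6-bit value; -1 if outside the alphabet. */
static int b64_val(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decode src into dst, whose capacity cap includes the terminating NUL.
 * Returns the decoded length, or -1 if the input is malformed or too long. */
long b64_decode_bounded(const char *src, char *dst, size_t cap)
{
    size_t n = strlen(src), pad = 0, out = 0;
    unsigned acc = 0;
    int bits = 0;

    if (cap == 0) return -1;
    while (n > 0 && pad < 2 && src[n - 1] == '=') { n--; pad++; }
    if ((n + pad) % 4 != 0) return -1;       /* not a whole number of quads */
    for (size_t i = 0; i < n; i++) {
        int v = b64_val((unsigned char)src[i]);
        if (v < 0) return -1;                 /* reject bytes outside the alphabet */
        acc = (acc << 6) | (unsigned)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (out + 1 >= cap) return -1;    /* keep one byte for the NUL */
            dst[out++] = (char)((acc >> bits) & 0xFF);
        }
    }
    dst[out] = '\0';
    return (long)out;
}

/* Decode the value of an Authorization header into a fixed-size buffer. */
int parse_basic_auth(const char *hdr, char cred[CRED_MAX])
{
    if (strncmp(hdr, "Basic ", 6) != 0) return -1;
    return b64_decode_bounded(hdr + 6, cred, CRED_MAX) < 0 ? -1 : 0;
}

int main(void) { char c[CRED_MAX]; return parse_basic_auth("Basic dXNlcjpwYXNz", c); } /* constructed sample */
```

The capacity check runs before every byte is written, so an oversized header is rejected rather than truncated or written past the end of the buffer.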

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to version 3.0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Samba Project

Samba

3.0.4
3.0.3
3.0.2

References

Credit

  • Evgeny Demidov - demidovgleg.net -


Direct URL: http://osvdb.org/8190