Samba 3.3.5 - Format String / Security Bypass

EDB-ID:

33053




Platform:

Linux

Date:

2009-05-19


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/35472/info

Samba is prone to multiple vulnerabilities.

Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application or to bypass certain security restrictions.

Samba 3.0.31 through 3.3.5 are affected.

The following proof of concept is available:

smb: \> put aa%3Fbb