Check Point Advisories

Update Protection against SAMBA SMBI Packets Chaining Memory Corruption

Check Point Reference:	CPAI-2010-143
Date Published:	6 Aug 2010
Severity:	Critical
Last Updated:	Friday 01 January, 2010
Source:	Secunia Advisory SA40145
Industry Reference:	CVE-2010-2063
Protection Provided by:
Who is Vulnerable?	Samba Project Samba 3.0.x - 3.3.12
Vulnerability Description	A vulnerability has been reported in Samba, an open-source implementation of Server Message Block/Common Internet File System (SMB/CIFS). The vulnerability is due to improper validation when chaining SMB1 packets. Remote attackers could exploit this vulnerability by sending a crafted SMB message to a target SMB server.
Update/Patch Avaliable	Samba has released an advisory to address this vulnerability.
Vulnerability Details	A buffer overflow exists in the SMB1 packet chaining implementation in the chain_reply function in Samba. The vulnerability allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted field in a SMB1 packet.