Intrusion Prevention

Samba.smbd.Packet.Chaining.AndX.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Stack Overflow vulnerability in Samba.
The vulnerability is due to insufficient sanitizing of maliciously crafted requests of AndX offset in the application. A remote attacker can exploit this to execute arbitrary code within the context of the application or possibly cause a denial of service condition.

Affected Products

Samba Team Samba 3.4.0 and earlier versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.samba.org/samba/history/security.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2024-07-22	28.830	Modified	Name:Samba. smbd. Packet. Chaining. AndX. Stack. Overflow:Samba. smbd. Packet. Chaining. AndX. Buffer. Overflow

ID	31493
Created	Apr 11, 2012
Updated	Jul 18, 2024
CVE ID
Risk
Exploit Prediction Score	46.88%
Default Action	drop
Active
Affected OS	All
Affected App	Samba
Profile Type	Buffer Errors

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Samba.smbd.Packet.Chaining.AndX.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Samba.smbd.Packet.Chaining.AndX.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center