Samba 3.3.5 - Format String / Security Bypass

EDB-ID:

33053




Platform:

Linux

Date:

2009-05-19


source: https://www.securityfocus.com/bid/35472/info

Samba is prone to multiple vulnerabilities.

Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application or to bypass certain security restrictions.

Samba 3.0.31 through 3.3.5 are affected.

The following proof of concept is available:

smb: \> put aa%3Fbb