CVE-2008-1105 – Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2008-1105

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. Desbordamiento de búfer basado en montículo en la función receive_smb_raw de util/sock.c en Samba 3.0.0 hasta 3.0.29, permite a atacantes remotos ejecutar código de su elección a través de una respuesta SMB manipulada. • https://www.exploit-db.com/exploits/5712 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://secunia.com/advisories/30228 http://secunia.com/advisories/30385 http://secunia.com/advisories/30396 http://secunia.com/advisories/30442 http://secunia.com/advisories/30449 http://secunia.com/advisories/30478 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •