securityadmin's blog

CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records

https://www.redhat.com/security/data/cve/CVE-2010-3069.html

"A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)"

Pages