
Samba server heap buffer overflow


Oct 10, 2023

Summary

A heap-based buffer overflow vulnerability in the Heimdal GSSAPI library could allow a remote attacker to cause a denial of service or execute arbitrary code.

Vulnerability ID: CVE-2022-3437

Vulnerability Overview: A heap-based buffer overflow was discovered in the Heimdal implementation of the GSSAPI library (libgssapi_krb5), specifically within the DES and Triple-DES decryption routines. An unauthenticated, remote attacker could exploit this flaw by sending a specially crafted malicious GSS-API token to an application functioning as a GSS-API acceptor (such as a Samba server). Successful exploitation could lead to an application crash (denial of service) or potentially allow the execution of arbitrary code with the privileges of the affected service.


Affected Supported TeraStations

TS7010
TS6000
TS5020 / TS5010
TS3020 / TS3010

Date: 10/10/2023
Description: Initial release

