module

Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow

Disclosed	Created
Apr 7, 2003	May 30, 2018

Disclosed

Apr 7, 2003

Created

May 30, 2018

Description

This module attempts to exploit a buffer overflow vulnerability present in
versions 2.2.2 through 2.2.6 of Samba.

The Samba developers report this as:
"Bug in the length checking for encrypted password change requests from clients."

The bug was discovered and reported by the Debian Samba Maintainers.

Author

hdm [email protected]

Platform

Linux

Architectures

x86

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/multi/samba/nttrans
    msf exploit(nttrans) > show targets
        ...targets...
    msf exploit(nttrans) > set TARGET < target-id >
    msf exploit(nttrans) > show options
        ...show and set options...
    msf exploit(nttrans) > exploit

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report