Vulnerabilities in Samba, Skype and QuickTime
January 10th, 2008
The Sourcefire VRT is aware of vulnerabilities affecting Samba, Skype and Apple QuickTime.
Samba Buffer Overflow (CVE-2007-6015): A stack-based buffer overflow condition is present in nmbd in certain versions of Samba. A remote attacker may be able to execute code on an affected system via a GETDC mailslot request.
A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13291.
Skype Technologies Heap Corruption (CVE-2007-5989): A programming error in the Skype URI handler may allow a remote attacker to cause memory corruption, which may lead to code execution.
A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13292.
Apple QuickTime Buffer Overflow (CVE-2007-4675): Apple QuickTime does not perform adequate checks on user-supplied data in QuickTime Virtual Reality movie files. A remote attacker may use this flaw to cause a buffer overflow and execute code on an affected system.
A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13293.
This SEU also contains an updated UI component package.
For Assistance
- Visit the Sourcefire Customer Support site at https://support.sourcefire.com.
- Email Sourcefire Customer Support at support@sourcefire.com.
- Call Sourcefire Customer Support at 410.423.1901 or 1.800.917.4134.
