Metasploit mailing list archives

Samba NTTRANS


From: Craig Freyman <craigfreyman () gmail com>
Date: Fri, 8 Oct 2010 15:01:42 -0600

I'm unable to set any payloads for the Samba nttrans exploit:

msf exploit(nttrans) > info

       Name: Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow
    Version: 9167
   Platform:
 Privileged: Yes
    License: Metasploit Framework License (BSD)
       Rank: Average

Provided by:
  hdm <hdm () metasploit com>

Available targets:
  Id  Name
  --  ----
  0   Samba 2.2.x Linux x86

Basic options:
  Name   Current Setting  Required  Description
  ----   ---------------  --------  -----------
  RHOST  xxxx   yes       The target address
  RPORT  139              yes       The target port

Payload information:
  Space: 1024
  Avoid: 1 characters

Description:
  This module attempts to exploit a buffer overflow vulnerability
  present in versions 2.2.2 through 2.2.6 of Samba. The Samba
  developers report this as: "Bug in the length checking for encrypted
  password change requests from clients." The bug was discovered and
  reported by the Debian Samba Maintainers.

References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0085
  http://www.osvdb.org/6323
  http://www.securityfocus.com/bid/7106
  http://www.samba.org/samba/history/samba-2.2.7a.html

msf exploit(nttrans) > show payloads
msf exploit(nttrans) >

Any ideas?