module
Samba lsa_io_trans_names Heap Overflow
| Disclosed | Created |
|---|---|
| 05/14/2007 | 05/30/2018 |
Disclosed
05/14/2007
Created
05/30/2018
Description
This module triggers a heap overflow in the LSA RPC service
of the Samba daemon. This module uses the szone_free() to overwrite
the size() or free() pointer in initial_malloc_zones structure.
of the Samba daemon. This module uses the szone_free() to overwrite
the size() or free() pointer in initial_malloc_zones structure.
Authors
Ramon de C Valle Adriano Lima hdm
Platform
OSX
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/osx/samba/lsa_transnames_heap
msf /(p) > show actions
...actions...
msf /(p) > set ACTION < action-name >
msf /(p) > show options
...show and set options...
msf /(p) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.