Buffer Overrun in Sambar Server
Reported June 1 by
Delphis Consulting Internet Security Team

VERSIONS AFFECTED
Sambar Server 4.3

DESCRIPTION

It is possible to crash the Sambar server by using the default finger and whois scripts provided with the Sambar server software. By sending a long string of 32290 characters to either of the scripts, an unchecked buffer in the sambar.dll file can be overflowed, which could allow arbitrary code to be run on the machine.
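As an added example (not part of the advisory), a log check that flags requests to the finger and whois scripts carrying an argument far longer than any legitimate username or domain. The /cgi-bin/ path, the argument names, the Common Log Format layout and the 1024-character threshold are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Scripts named in the advisory; the path and argument names are assumptions.
MONITORED_SCRIPTS = ("finger", "whois")
# Well below the 32290-character length reported in the advisory, but far
# longer than any legitimate username or domain name.
MAX_ARG_LEN = 1024

# Common Log Format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def flag_oversized_requests(log_lines, max_arg_len=MAX_ARG_LEN):
    """Return (ip, script, longest_arg_len) for each request to the finger or
    whois script whose query string carries an argument longer than max_arg_len."""
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        parts = urlsplit(m.group("target"))
        # Last path component without extension, e.g. "finger" from "/cgi-bin/finger.exe"
        script = parts.path.rsplit("/", 1)[-1].lower().split(".", 1)[0]
        if script not in MONITORED_SCRIPTS:
            continue
        values = parse_qs(parts.query, keep_blank_values=True).values()
        longest = max((len(v) for vals in values for v in vals), default=0)
        if longest > max_arg_len:
            findings.append((m.group("ip"), script, longest))
    return findings


# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jun/2000:10:00:01 +0000] "GET /cgi-bin/finger?user=alice HTTP/1.0" 200 312',
    '10.0.0.9 - - [01/Jun/2000:10:00:02 +0000] "GET /cgi-bin/whois?domain='
    + "A" * 32290 + ' HTTP/1.0" 500 0',
    '10.0.0.7 - - [01/Jun/2000:10:00:03 +0000] "GET /index.htm HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for ip, script, length in flag_oversized_requests(SAMPLE_LOG):
        print(f"{ip} sent {length}-char argument to {script}")
```

Only GET query strings appear in access logs, so over-long POST bodies need a proxy or IDS check instead.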

VENDOR RESPONSE

The vendor, Sambar Technologies, is aware of the problem; however, no fix was available at the time of this writing. According to the vendor, version 4.4 is to be released sometime in June.

CREDITS
Discovered and reported by Delphis Consulting Internet Security Team