Symantec Blogs: Security Response

Aaron Adams | May 31st, 2007

On May 14, 2007 a number of interesting heap-corruption vulnerabilities were disclosed in Samba 3.0.25rc3 and earlier. On the same day, Immunity released a private exploit for one of the issues on Solaris. A few days later, an exploit module was released for the Metasploit framework that reliably exploited the issue on a number of Linux distributions. The module specifically targeted the flaw in the lsa_io_trans_names function.

Over the past few years, the discovery of high-profile vulnerabilities in widespread Unix applications seems to be decreasing. Additionally, a variety of security mechanisms are more commonly deployed on Linux distributions, such as non-executable stacks, stack canaries, and secure heaps, all of which make the release of public exploits this reliable more rare,...