svn commit: samba-web r328 - in trunk: history news/releases
deryck at samba.org
Mon Sep 13 14:09:47 GMT 2004
Author: deryck
Date: 2004-09-13 14:09:46 +0000 (Mon, 13 Sep 2004)
New Revision: 328
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-web&path=/trunk&rev=328&nolog=1
Log:
Add news item and announcement for 3.0 DoS security patch.
Added:
trunk/history/3.0_DOS_sept04_announce.txt
trunk/news/releases/3.0_DOS_sept04.html
Changeset:
Added: trunk/history/3.0_DOS_sept04_announce.txt
===================================================================
--- trunk/history/3.0_DOS_sept04_announce.txt 2004-09-13 13:49:56 UTC (rev 327)
+++ trunk/history/3.0_DOS_sept04_announce.txt 2004-09-13 14:09:46 UTC (rev 328)
@@ -0,0 +1,63 @@
+Subject: Samba 3.0.x Denial of Service Flaw
+
+Summary: (i) A DoS bug in smbd may allow an
+ unauthenticated user to cause smbd to
+ spawn new processes each one entering
+ an infinite loop. After sending a sufficient
+ amount of packets it is possible to exhaust
+ the memory resources on the server.
+
+ (ii) A DoS bug in nmbd may allow an attacker
+ to remotely crash the nmbd daemon.
+
+Affected
+Versions: Defect (i) affects Samba 3.0.x prior to and
+ including v3.0.6.
+
+ Defect (ii) affects Samba 3.0.x prior to
+ and including v3.0.6.
+
+Patch
+Availability: The patch file for Samba 3.0.5 addressing both
+ bugs (samba-3.0.5-DoS.patch) can be downloaded
+ from
+ http://download.samba.org/samba/ftp/patches/security/
+
+
+Description
+-----------
+
+CAN-2004-0807: A defect in smbd's ASN.1 parsing allows an
+attacker to send a specially crafted packet during the
+authentication request which will send the newly spawned
+smbd process into an infinite loop. Given enough of these
+packets, it is possible to exhaust the available memory
+on the server.
+
+CAN-2004-0808: A defect in nmbd's process of mailslot packets
+can allow an attacker to anonymously crash nmbd.
+
+
+Protecting Unpatched Servers
+----------------------------
+
+The Samba Team always encourages users to run the latest stable
+release as a defense of against attacks. However, under certain
+circumstances it may not be possible to immediately upgrade
+important installations. In such cases, administrators should
+read the "Server Security" documentation found at
+http://www.samba.org/samba/docs/server_security.html.
+
+
+Credits
+--------
+
+Both security issues were reported to Samba developers by
+iDEFENSE (http://www.idefense.com/). The defect discovery
+was anonymously reported to iDEFENSE via their Vulnerability
+Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp).
+
+
+-- Our Code, Our Bugs, Our Responsibility.
+
+ -- The Samba Team
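Review bot: the "Patch Availability" paragraph offers only samba-3.0.5-DoS.patch, while "Affected Versions" says both defects affect Samba 3.0.x up to and including v3.0.6; state whether that patch applies to 3.0.6 as well or which fixed release 3.0.6 users should move to, otherwise administrators on 3.0.6 are left without a stated remediation. The two "Affected Versions" entries say the same thing and could be folded into one line. Also fix the typo "as a defense of against attacks" in "Protecting Unpatched Servers", and "nmbd's process of mailslot packets" should read "nmbd's processing of mailslot packets".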
Added: trunk/news/releases/3.0_DOS_sept04.html
===================================================================
--- trunk/news/releases/3.0_DOS_sept04.html 2004-09-13 13:49:56 UTC (rev 327)
+++ trunk/news/releases/3.0_DOS_sept04.html 2004-09-13 14:09:46 UTC (rev 328)
@@ -0,0 +1,20 @@
+ <h3><a name="3.0_DOS_sept04">Samba 3.0 DoS Vulnerabilities</a></h3>
+
+ <div class="article">
+ <p>The following Denial of Service Flaw was reported in Samba 3.0 versions prior to and including v3.0.6:</p>
+
+ <ul>
+ <li>(i) A DoS bug in smbd may allow an
+ unauthenticated user to cause smbd to
+ spawn new processes each one entering
+ an infinite loop. After sending a sufficient
+ amount of packets it is possible to exhaust
+ the memory resources on the server.</li>
+ <li>(ii) A DoS bug in nmbd may allow an attacker
+ to remotely crash the nmbd daemon.</li>
+ </ul>
+
+ <p>For full details please see the <a href="/samba/history/3.0_DOS_sept04_announce.txt">security patch announcement</a>. The patch file for Samba 3.0.5 addressing both bugs (samba-3.0.5-DoS.patch) can be downloaded <a href=http://download.samba.org/samba/ftp/patches/security/">here</a>.</p>
+ </div>
+
+
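Review bot: the download link in the closing paragraph is malformed: `<a href=http://download.samba.org/samba/ftp/patches/security/">here</a>` lacks the opening quote on the href value, so the trailing quote ends up inside the URL; change it to `<a href="http://download.samba.org/samba/ftp/patches/security/">here</a>`. The intro sentence "The following Denial of Service Flaw was reported" introduces a list of two flaws and should be plural. Separately, the property change below sets svn:executable on an .html file, which a static page does not need and looks like an accidental propset.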
Property changes on: trunk/news/releases/3.0_DOS_sept04.html
___________________________________________________________________
Name: svn:executable
+ *