[SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

Gerald (Jerry) Carter jerry at samba.org
Mon Jul 10 22:18:34 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gerald (Jerry) Carter wrote:
> ==========================================================
> ==
> == Subject:     Memory exhaustion DoS against smbd
> == CVE ID#:     CAN-2006-1059
> ==
> == Versions:    Samba Samba 3.0.1 - 3.0.22 (inclusive)
> ==
> == Summary:     smbd may allow internal structures
> ==              maintaining state for share connections
> ==              to grow unbounded.
> ==
> ==========================================================

This is a cut-n-paste error.  The correct CVE # is
CVE-2006-3403.  Sorry for any confusion. It has been
updated on the web site as well.





cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFEstI6IR7qMdg1EfYRAl0IAKCxE03jkTx+HWC5aMT3es/S6xYsBgCZAYZw
NjoFczlXBVtTgWUtStrMM5E=
=8N2b
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list