Samba Issue
Perez, Eugenio
eugenio.perez at hp.com
Wed Apr 21 19:36:41 MDT 2010
Hello Samba Team
I was wondering if you have a patch available for the vulnerability mentioned below or maybe you can direct me to some site that can help to find the available patches that address this vulnerabilities:
Platforms: AIX, HP-UX, Solaris 9,10 and SuSE
Samba Versions affected: v 3.0.13, v 3.0.28, v 3.0.32, v3.0.34
Your help on this matter is greatly appreciated. Thank you in advance.
http://www.securityfocus.com/bid/36250/discuss
Samba 3.x Multiple Unspecified Remote Vulnerabilities
Samba is prone to multiple unspecified remote vulnerabilities, including:
- An error in 'smbd' that can be exploited to cause a heap-based overflow.
- An error when Samba is compiled with '--enable-developer' can lead to a heap-based overflow.
- Multiple unspecified stack overflows.
- An unspecified heap-based buffer overflow.
Attackers can exploit these issues to execute code within the context of the affected server. Failed exploit attempts will result in a denial-of-service condition.
Cheers
Eugenio Perez
Technology Consultant
IE - GM AP
HP Enterprise Services
Telephone +64 9 4872202
Email: eugenio.perez at hp.com<mailto:jeremy.davidson at hp.com>
74 Taharoto Road
Level2 Smales Farm
Takapuna
Auckland, NZ 0622
More information about the samba-technical
mailing list