[Samba] [Announce] Samba 3.5.7, 3.4.12 and 3.3.15 Security Releases Available

Volker Lendecke Volker.Lendecke at SerNet.DE
Fri Mar 4 01:29:05 MST 2011


On Fri, Mar 04, 2011 at 10:26:50AM +0300, Alexander wrote:
> > Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
> > address CVE-2011-0719.
> >
> > o  CVE-2011-0719:
> >   All current released versions of Samba are vulnerable to
> >   a denial of service caused by memory corruption. Range
> >   checks on file descriptors being used in the FD_SET macro
> >   were not present allowing stack corruption. This can cause
> >   the Samba code to crash or to loop attempting to select
> >   on a bad file descriptor set.
> 
> Hello dear Samba team,
> 
> Could you please clarify one thing here - does that DoS/loop happen
> with _only_ smbd serving that malicious client, or that would crash
> the whole Samba service?

It will affect the smbd doing the service only. But under
heavy load it can also affect winbind.

With best regards,

Volker Lendecke

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen


More information about the samba-technical mailing list