[Samba] Regarding the code Change for CVE-2010-3069 ( Buffer Overrun Vulnerability )

ssamba321 s321 ssamba321 at gmail.com
Wed Sep 29 04:21:01 MDT 2010

Hi All,

We are trying to fix the  CVE-2010-3069 ( Buffer Overrun Vulnerability ) in
the  Samba 3.0.28a Source code.
According to  Samba-3.3.13-CVE-2010-3069 patch, we have changed  the code
of  Samba 3.0.28a.We are unable to modify
samba-3.0.28a(source/smbd/nttrance.c ) code due to following reason.

In the Samba-3.3-13 /source/smbd/nttrance.c   we  are using "req" that of
"struct smb_request" type as a parameter in the call_nt_transact_ioctl ,
call_nt_transact_get_user_quota and call_nt_transact_set_user_quota
functions.But there is no "req" in the 3.0.28a code.We are facing the
problem where we have to change the code of Samba 3.0.28.a.

Any suggestions please help us...

More information about the samba mailing list