[Samba] samba wins and MS11-035

Noël Köthe noel at debian.org
Thu Dec 22 12:09:47 UTC 2016

Hello Andrew,

Am Mittwoch, den 21.12.2016, 07:49 +1300 schrieb Andrew Bartlett:

> > OpenVAS reports the following security problem against the samba
> > wins server:
> > 
> > Microsoft Windows WINS Remote Code Execution Vulnerability
> > (2524426)
> It isn't a banner issue, it is a difference in behaviour when sending
> a padded packet.  We need a test written showing that we don't match
> modern windows here, and then the Samba server patched to match. 
> You can file a bug, but this area hasn't had interest for a very long
> time, so unless these items are included in a patch, I don't think a
> false-positive OpenVAS report will get very far.

Thanks for your answer. I submitted it
https://bugzilla.samba.org/show_bug.cgi?id=12481 and with the CC: to
greenbone, maybe they will change something on the plugin for this.

thx again.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba/attachments/20161222/a28ae26d/signature.sig>

More information about the samba mailing list