Ticket #256 (closed Fehler: Erledigt)
samba vulnerability CVE-2010-2063
| Reported by: | schmitt@… | Owned by: | tschmitt |
|---|---|---|---|
| Priority: | major | Milestone: | 4.0.5 |
| Component: | Base | Version: | 4.0.0 |
| Keywords: | samba | Cc: |
Description
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13, which allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. (CVE-2010-2063)
Siehe http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063
Change History
comment:1 Changed 20 months ago by tschmitt
- Owner set to tschmitt
- Status changed from new to accepted
comment:2 Changed 20 months ago by tschmitt
- Status changed from accepted to closed
- Resolution set to Erledigt
Mit diesem Patch gefixte Samba-Pakete der Version 3.0.24-6etch10.1 sind nun in paedml40-testing.
Note: See
TracTickets for help on using
tickets.
