Ticket #256 (closed Fehler: Erledigt)

Opened 2 months ago

Last modified 2 months ago

samba vulnerability CVE-2010-2063

Reported by: schmitt@… Owned by: tschmitt
Priority: major Milestone: 4.0.5
Component: Base Version: 4.0.0
Keywords: samba Cc:

Description

Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13, which allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. (CVE-2010-2063)
Siehe  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063

Change History

Changed 2 months ago by tschmitt

  • owner set to tschmitt
  • status changed from new to accepted

Changed 2 months ago by tschmitt

  • status changed from accepted to closed
  • resolution set to Erledigt

Mit diesem  Patch gefixte Samba-Pakete der Version 3.0.24-6etch10.1 sind nun in  paedml40-testing.

Note: See TracTickets for help on using tickets.