In association with heise online

06 February 2007, 11:13

Samba team remedies three flaws

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Samba team has released security advisories for three holes found over the course of the past two months; patches have now been provided. The first flaw is found in the program logic of the smbd server service, which may get caught in an infinite loop, causing the server to freeze.

The other two flaws theoretically allow code to be remotely injected and executed, although only under very specific conditions. On specially configured Solaris systems using winbindd, name resolution queries can cause a buffer overflow. In addition, a flaw in Samba servers that share AFS file systems and are set up to use the ACL plug-in, can be exploited by means of special filenames. When snprintf() is called, it is used directly as a format string, a situation that attackers can almost always exploit.

All three flaws have been remedied in version 3.0.24 of Samba. In addition, the team of developers has also provided individual source code patches so that users can manually upgrade older versions affected, up to and including 3.0.23d. Some distributors are already offering upgraded packets.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit