Samba update fixes DoS vulnerabilities
Released last week, version 3.4.8 of the free Samba file and print server fixes various holes including two denial of service (DoS) vulnerabilities which allow attackers to remotely crash the Smbd service. One of the problems is caused by a null pointer dereference when processing a certain series of SMB headers that include a specific combination of flags. The other hole involves an uninitialised variable read when processing specially crafted "Session Setup AndX" requests with flawed Security Binary Large Object (security blob) length values.
Both flaws were already fixed in April In version 3.5.2. Users are advised to install one of the new versions as soon as possible because security firm Stratsec, which discovered the holes, released some relevant exploits.at the same time as the details of the vulnerability.
- Samba Multiple DoS Vulnerabilities (SS-2010-005), security advisory from Stratsec.