Samba update remedies DoS weak point
In an error report, the developers of the free SMB/CIFS server Samba describe a denial-of-service weak point in smdb, which handles the management of the file and printer shares. An excess number of connection queries for shares may increase memory allocation for the process so much that servers no longer respond.
Versions 3.0.1 to 3.0.22 are affected, whereas the flaw has been remedied in version 3.0.23. A patch that limits the number of open connections to 2,048 is also available. Some Linux distributors are supplying Samba packets with this error already remedied.
- Memory exhaustion DoS against smbd, error report at samba.org