In association with heise online

25 June 2009, 12:40

Security updates for Samba

The developers of the free file and print server Samba have released versions 3.0.35, 3.2.13 and 3.3.6 to address two vulnerabilities, one in the smbclient and one in the server. The smbclient tool has a format string vulnerability which can be triggered when the put command is used with malicious file names. In rare cases this could lead to the execution of unwanted code in Samba versions 3.0.31 to 3.3.5.

The server vulnerability is found in smbd versions 3.2.0 and 3.2.12 and allows unauthorised changes to the permissions of a writeable file. The problem in this case is caused by missing initialisation of certain data. In addition to the new versions, there are patches for 3.35, for 3.2.12's smbclient, for 3.2.12's smbd and for 3.0.34.

(djwm)
