[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Vulnerability in Samba 2.2.10 and older
On Mon, Aug 30, 2004 at 10:21:10PM +0900, Takahiro Kambe wrote:
> > That's good news. Can you please update the entry for this vulnerability
> > in "localsrc/security/advisories/pkg-vulnerabilities"?
> I didn't think the problem the security related problem since it would
> crash forked smbd for the client and it wouldn't stop service for
> other (none Windows XP SP2) clients; the problem is Windows XP SP2
> clients only.
Are you sure that the "smbd" was already forked at that point of time?
I've read that it happens during an incomplete authentification.
> If it is worth adding as a pkg-vulnerabilities entry, what is the type
> of exploit? (The security fix by Samba 2.2.10 is fixed by ja-samba
> 220.127.116.11.0nb1 package and it is already described in pkg-vulnerabilities.)
Yes, definitely. Even if only a forked "smbd" crashes there must have
been a buffer overflow which can be abused to execute something on
the samba server.
Matthias Scheler http://scheler.de/~matthias/