[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Vulnerability in Samba 2.2.10 and older



On Wed, Sep 01, 2004 at 05:02:04PM +0900, Takahiro Kambe wrote:
> > > We might even be able to remove that entry if we know for sure that
> > > this bug doesn't crash the main Samba server process.
> > I don't know in detail and I don't want to read (or understand)
> > Samba's codes.  ;-p
> This problem is caused by authenticated user only.

Ok, I've removed the entry. A client crashing its own server process
isn't a Denial Of Service attack as long as the main process is
still arround for forking more server processes.

	Kind regards

-- 
Matthias Scheler                                  http://scheler.de/~matthias/