[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Vulnerability in Samba 2.2.10 and older
On Wed, Sep 01, 2004 at 05:02:04PM +0900, Takahiro Kambe wrote:
> > > We might even be able to remove that entry if we know for sure that
> > > this bug doesn't crash the main Samba server process.
> > I don't know in detail and I don't want to read (or understand)
> > Samba's codes. ;-p
> This problem is caused by authenticated user only.
Ok, I've removed the entry. A client crashing its own server process
isn't a Denial Of Service attack as long as the main process is
still arround for forking more server processes.
Matthias Scheler http://scheler.de/~matthias/