[Pkg-samba-maint] (forw) [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

Christian Perrier bubulle at debian.org
Tue Jul 11 05:26:52 UTC 2006


Guys, it seems we have work for our sarge version. From the
announcement, a patch exists that we should only need to apply on
3.0.14a

Who does the work and talks to the security team? To be clear, I'd
actually prefer this *not* being me..:-)

----- Forwarded message from "Gerald (Jerry) Carter" <jerry at samba.org> -----

Date: Mon, 10 Jul 2006 15:21:36 -0500
From: "Gerald (Jerry) Carter" <jerry at samba.org>
To: samba-announce at samba.org
Subject: [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

==========================================================
==
== Subject:     Memory exhaustion DoS against smbd
== CVE ID#:     CAN-2006-1059
==
== Versions:    Samba Samba 3.0.1 - 3.0.22 (inclusive)
==
== Summary:     smbd may allow internal structures
==              maintaining state for share connections
==              to grow unbounded.
==
==========================================================


===========
Description
===========

The smbd daemon maintains internal data structures used track
active connections to file and printer shares.  In certain
circumstances an attacker may be able to continually increase
the memory usage of an smbd process by issuing a large number
of share connection requests.  This defect affects all Samba
configurations.



==================
Patch Availability
==================

A patch for Samba 3.0.1 - 3.0.22 has been posted at
http://www.samba.org/samba/security/.

Guidelines for securing Samba hosts are listed at
http://www.samba.org/docs/server_security.html


=======
Credits
=======

This security issue discovered during an internal security
audit of the Samba source code by the Samba Team.


==========================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==========================================================


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFEsrbQIR7qMdg1EfYRAtQqAJ9E17cqTxRq91dctS2YmdEZJ1W2FwCff2lr
hG50W6mAkt1km+xqivzh0/g=
=6yRA
-----END PGP SIGNATURE-----


----- End forwarded message -----

-- 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20060711/f577bbd1/attachment.pgp


More information about the Pkg-samba-maint mailing list