lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 31 Aug 2004 20:33:28 -0000
From: "Jérôme" ATHIAS <jerome.athias@...amail.com>
To: bugtraq@...urityfocus.com
Subject: Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated
    Users Crash smbd




Date:  Mon, 30 Aug 2004 23:42:49 -0400
Subject:  http://samba.org/samba/history/samba-2.2.11.html
 
The Samba 2.2.11 release addresses the following bug:
 
  o Crashes in smbd triggered by a Windows XP SP2 client sending
    a FindNextPrintChangeNotify() request without previously
    issuing FindFirstPrintChangeNotify().


Impact:  Denial of service via network
 
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes   
 
Version(s): prior to 3.0.6, prior to 2.2.11 
 
Description:  A vulnerability was reported in Samba. A remote authenticated user can cause smbd to crash. 

The vendor reported that a remote authenticated user can send a FindNextPrintChangeNotify() request without having previously sent a corresponding FindFirstPrintChangeNotify() requeste to cause smbd to crash.

This behavior can be triggered by a Windows XP SP2 client.

The flaw resides in printer_notify_info() in 'rpc_server/srv_spoolss_nt.c'.

Craig Huegen reported this flaw to the vendor. 
 
Impact:  A remote authenticated user can cause smbd to crash.
 
Solution:  The vendor has released a fixed version (3.0.6 and 2.2.11), available at:

http://samba.org/samba/download/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ