lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: martin.pitt at (Martin Pitt)
Subject: [USN-41-1] Samba vulnerability

Ubuntu Security Notice USN-41-1		  December 17, 2004
samba vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to
version 3.0.7-1ubuntu6.3. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Greg MacManus discovered an integer overflow in Samba's smbd daemon.
Requesting a very large number of access control descriptors from the
server caused an integer overflow, which resulted in a memory
allocation being too short, thus causing a buffer overflow. By sending
carefully crafted data, an attacker could exploit this to execute
arbitrary code on the server with full root permissions.

Source archives:
      Size/MD5:   374667 ce3dde42bd70c426634839cf54782e0a
      Size/MD5:      937 a8a5ff93eedc6ea1679149b4f069e3f3
      Size/MD5: 15012667 5906341429e64214909865a4be92e4ab

  Architecture independent packages:
      Size/MD5: 11604286 39702eae0c00e0c3bd78fa1c6b99620e

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   370810 e5e8868af27b6e4d8ffc44bf9fe1ed1e
      Size/MD5:   762814 636deea4ededb8cc8de09397187ddf7f
      Size/MD5:   575488 8f47e7277392604c5555b3e0c4058021
      Size/MD5:  5018166 4c21f61021372d2c733452365d5c96c9
      Size/MD5:  2090898 d10d1211d3225f0d6b22d6be2011bb48
      Size/MD5:  2667600 6702caa1600427d6b2d73c54f3b2bdc8
      Size/MD5:  2710742 aa35b3cd3c7abc558bee8af18e611beb
      Size/MD5:   361416 fe47fc6ef1c2481491014340da3b3490
      Size/MD5:  4027140 3273db2b3afaef0d9b2c9e72479b6a59
      Size/MD5:  1527704 252e4e5bd8d10e9f4c4e9c88d4de22e0

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:   327364 630f7d24ee6cfc37f7243a407e4a1267
      Size/MD5:   687708 c458ee0029d72a3654fb712e9739b2b3
      Size/MD5:   510324 e6da157c33a4b765728e4615163985f1
      Size/MD5:  4418918 d52eaee2504ffae81278721b0ccea558
      Size/MD5:  1836502 41d3d3c8e0683ab554a8032568f675f7
      Size/MD5:  2299824 4cbe8d86b4f61f6eb056baa2fb6f3152
      Size/MD5:  2302160 be1e26f821bc43835ddce7054758adb3
      Size/MD5:   309120 c7bc13d8b6eb2bd12fe39a63c9c0cc2a
      Size/MD5:  3938838 f43e590aca75c1e51397dc5db26f7f81
      Size/MD5:  1300364 0cb13bb316158c620587910c07c5286c

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   356442 1fcbf302736e3a25c25f075263ab5876
      Size/MD5:   706168 b3cc80d1417a167e0a6e3ff7470818eb
      Size/MD5:   566350 aa443355cc2e4d87d3eb0f03b2c7a144
      Size/MD5:  4811490 18553dbc7c5816a647dca8a13842fbfa
      Size/MD5:  2045052 ccce36d9d07ebcaa017e15cae5cb6fc1
      Size/MD5:  2620790 12cb87e420932b735ce3d691a136566a
      Size/MD5:  2656812 e38917838372c2c2580ffa50035e40d4
      Size/MD5:   353458 ad5f350383324d2b9b109ced4a249f06
      Size/MD5:  4016148 30fa677d4c19833873d1bab4c83acb16
      Size/MD5:  1482364 33132688997e5e72759c8f85e61d2a9c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :

Powered by blists - more mailing lists