oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: [Full-disclosure] stratsec Security Advisory SS-2010-005: Samba Multiple DoS Vulnerabilities

From: Thomas Biege <thomas () suse de>
Date: Wed, 26 May 2010 11:23:35 +0200
Am Mittwoch 26 Mai 2010 09:46:44 schrieb Tomas Hoger:

On Tue, 25 May 2010 17:10:04 +0200 Thomas Biege wrote:

So far no assignments were made, right?


Do you have any public bug report with further details about these
flaws?


I am just aware of this posting to FD.



According to our samba maintainers, this code is only executed
in per-connection smbd child and one can only DoS own connection. It
seems upstream has not handled this as security either.


That would be good. One samba update less.

Cheers,
Thomas


-- 
 Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach
Previous By Date Next
Previous By Thread Next

Current thread: