oss-sec mailing list archives
Re: pam_cifscreds stack overflow
From: cve-assign () mitre org
Date: Thu, 10 Apr 2014 14:16:50 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are tracking a patch at: https://bugzilla.novell.com/show_bug.cgi?id=870168 Fixing buffer overflow in cifskey, maybe also used in samba itself?
This seems potentially applicable: https://git.samba.org/?p=cifs-utils.git;a=blob;f=cifskey.c Does anyone from Samba or Red Hat want to comment on whether this issue already has a CVE ID? CVE IDs for Samba vulnerabilities typically originate from the Red Hat CNA, but the specific process -- and how far in advance a CVE ID might be allocated for Samba -- is not something visible to MITRE. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTRt+TAAoJEKllVAevmvms5ZgH/2jMjO0xCgD7By2xsk9Ox/5e 3JW2rph7Zdnl3lm0OMVa+mJkyuw9gV/CMTsfLYb8ct5Boe+j4FoVLL/EdyPS3GAF ZXTfLWsZ+7gaONWn0sxXltWQ++/vv0stOgJxuRH7PGmX2eiug3y6M+9RoxztQe3v 3RhcLpiYduYTnFULeEn26J7+Zgv2ZFU7Bo0q9fNSDeUhOby02vqDA7wiUhpfBzfr 5PMWsL4x+EANFFDAlZNtumeRhz/4R7c7q783Ux2Y2zGwflhqvn22JK48vzBNIJEL 0jKtsDw+od3RT45EXcmnBzXSHxn6pMXb1P2lzDBq+vQ1t5IkfI+BtDYL+l7waq4= =XiVs -----END PGP SIGNATURE-----
Current thread:
- pam_cifscreds stack overflow Sebastian Krahmer (Apr 09)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)
- Re: Re: pam_cifscreds stack overflow Kurt Seifried (Apr 10)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)
- Re: pam_cifscreds stack overflow Sebastian Krahmer (Apr 13)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)