Bugtraq mailing list archives

Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

From: "Gerald (Jerry) Carter" <jerry () samba org>
Date: Mon, 10 Jul 2006 18:47:38 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gerald (Jerry) Carter wrote:

==========================================================
==
== Subject:     Memory exhaustion DoS against smbd
== CVE ID#:     CAN-2006-1059

  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

==
== Versions:    Samba Samba 3.0.1 - 3.0.22 (inclusive)
==
== Summary:     smbd may allow internal structures
==              maintaining state for share connections
==              to grow unbounded.
==
==========================================================


This is a cut-n-paste error.  The correct CVE # is
CVE-2006-3403.  Sorry for any confusion. It has been
updated on the web site as well.  All other information
is correct.






cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFEsucaIR7qMdg1EfYRAiQgAKC/hRB8FFMkKYTUD3P3qSLAxXAo/wCg7n+j
6z+13jxmSlgZaA9WKenkMB0=
=W8Nz
-----END PGP SIGNATURE-----

Current thread:

[ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 10)
- Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 12)