samba security update

2006-07-25T19:41:38
ID CESA-2006:0591
Type centos
Reporter CentOS Project
Modified 2006-08-03T14:18:34

Description

CentOS Errata and Security Advisory CESA-2006:0591

Samba provides file and printer sharing services to SMB/CIFS clients.

A denial of service bug was found in the way the smbd daemon tracks active connections to shares. It was possible for a remote attacker to cause the smbd daemon to consume a large amount of system memory by sending carefully crafted smb requests. (CVE-2006-3403)

Users of Samba are advised to upgrade to these packages, which contain a backported patch to correct this issue.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2006-August/013101.html http://lists.centos.org/pipermail/centos-announce/2006-August/013102.html http://lists.centos.org/pipermail/centos-announce/2006-July/013055.html http://lists.centos.org/pipermail/centos-announce/2006-July/013056.html http://lists.centos.org/pipermail/centos-announce/2006-July/013057.html http://lists.centos.org/pipermail/centos-announce/2006-July/013062.html http://lists.centos.org/pipermail/centos-announce/2006-July/013063.html http://lists.centos.org/pipermail/centos-announce/2006-July/013064.html http://lists.centos.org/pipermail/centos-announce/2006-July/013065.html

Affected packages: samba samba-client samba-common samba-swat

Upstream details at: https://rhn.redhat.com/errata/RHSA-2006-0591.html