Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-617-2
HistoryJun 30, 2008 - 12:00 a.m.

Samba regression

2008-06-3000:00:00
ubuntu.com
43

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON

Releases

  • Ubuntu 8.04
  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.06

Packages

  • samba -

Details

USN-617-1 fixed vulnerabilities in Samba. The upstream patch
introduced a regression where under certain circumstances accessing
large files might cause the client to report an invalid packet
length error. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Samba developers discovered that nmbd could be made to overrun
a buffer during the processing of GETDC logon server requests.
When samba is configured as a Primary or Backup Domain Controller,
a remote attacker could send malicious logon requests and possibly
cause a denial of service. (CVE-2007-4572)

Alin Rad Pop of Secunia Research discovered that Samba did not
properly perform bounds checking when parsing SMB replies. A remote
attacker could send crafted SMB packets and execute arbitrary code.
(CVE-2008-1105)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchlibsmbclient< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchlibpam-smbpass< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchlibsmbclient-dev< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchsamba< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchsamba-common< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchsamba-dbg< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchsmbclient< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchsmbfs< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchswat< 3.0.28a-1ubuntu4.4UNKNOWN
Ubuntu8.04noarchwinbind< 3.0.28a-1ubuntu4.4UNKNOWN
Rows per page:
1-10 of 421

Related

nessus 43
openvas 80
ubuntu 3
fedora 9
osv 4
samba 2
prion 3
centos 7
f5 2
securityvulns 6
oraclelinux 5
ubuntucve 2
cvelist 2
debian 4
debiancve 2
veracode 2
seebug 3
cve 3
nvd 3
redhat 5
suse 2
gentoo 2
altlinux 1
slackware 2
checkpoint_advisories 1
freebsd 1
nessus
nessus
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : samba regression (USN-617-2)
2008-07-02 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : samba vulnerabilities (USN-617-1)
2008-06-18 00:00:00
Fedora 9 : samba-3.2.0-1.rc1.14.fc9 (2008-4724)
2008-06-02 00:00:00
openvas
openvas
Ubuntu Update for samba vulnerabilities USN-617-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-617-2)
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-617-1)
2009-03-23 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2008-06-17 00:00:00
Samba vulnerabilities
2007-11-16 00:00:00
Samba regression
2007-11-16 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: samba-3.0.30-0.fc8
2008-05-31 02:12:00
[SECURITY] Fedora 8 Update: samba-3.0.33-0.fc8
2008-12-03 01:24:47
[SECURITY] Fedora 9 Update: samba-3.2.0-1.rc1.14.fc9
2008-05-31 02:14:21
osv
osv
samba - arbitrary code execution
2008-05-30 00:00:00
samba - several vulnerabilities
2007-11-29 00:00:00
samba - several vulnerabilities
2007-11-29 00:00:00
samba
samba
Boundary failure when parsing SMB responses
2008-05-29 00:00:00
Stack buffer overflow in nmbd's logon
2007-11-15 00:00:00
prion
prion
Heap overflow
2008-05-29 16:32:00
Stack overflow
2007-11-16 18:46:00
Design/Logic Flaw
2008-09-23 17:01:00
centos
centos
samba security update
2008-05-28 23:35:27
samba security update
2008-05-28 20:10:34
samba security update
2008-06-26 12:32:19
f5
f5
K9642 : Samba vulnerability CVE-2008-1105
2013-03-25 00:00:00
SOL9642 - Samba vulnerability CVE-2008-1105
2009-01-28 00:00:00
securityvulns
securityvulns
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
2008-05-29 00:00:00
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd
2007-11-16 00:00:00
Samba buffer overflow
2008-05-29 00:00:00
oraclelinux
oraclelinux
samba security update
2008-05-28 00:00:00
samba security and bug fix update
2008-06-02 00:00:00
samba security update
2008-05-28 00:00:00
ubuntucve
ubuntucve
CVE-2008-1105
2008-05-29 00:00:00
CVE-2007-4572
2007-11-16 00:00:00
cvelist
cvelist
CVE-2008-1105
2008-05-29 16:00:00
CVE-2007-4572
2007-11-16 18:00:00
debian
debian
[SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution
2008-05-30 20:31:36
[SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities
2007-11-26 14:53:41
[SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities
2007-11-29 14:28:19
debiancve
debiancve
CVE-2007-4572
2007-11-16 18:46:00
CVE-2008-1105
2008-05-29 16:32:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:29
Arbitrary Code Execution
2020-04-10 00:29:03
seebug
seebug
Samba NMBD登录请求远程溢出漏洞
2007-11-17 00:00:00
Sun Solaris Samba receive_smb_raw()远程缓冲区溢出漏洞
2009-02-02 00:00:00
Samba receive_smb_raw()函数堆溢出漏洞
2008-05-30 00:00:00
cve
cve
CVE-2007-4572
2007-11-16 18:46:00
CVE-2008-1105
2008-05-29 16:32:00
CVE-2008-4189
2008-09-23 17:01:22
nvd
nvd
CVE-2007-4572
2007-11-16 18:46:00
CVE-2008-1105
2008-05-29 16:32:00
CVE-2008-4189
2008-09-23 17:01:22
redhat
redhat
(RHSA-2008:0290) Critical: samba security and bug fix update
2008-05-28 00:00:00
(RHSA-2008:0288) Critical: samba security update
2008-05-28 00:00:00
(RHSA-2008:0289) Critical: samba security update
2008-05-28 00:00:00
suse
suse
remote code execution in samba
2008-06-04 17:18:43
remote code execution in samba
2007-12-05 16:05:59
gentoo
gentoo
Samba: Heap-based buffer overflow
2008-05-29 00:00:00
Samba: Execution of arbitrary code
2007-11-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package samba version 3.0.30-alt1
2008-05-28 00:00:00
slackware
slackware
[slackware-security] samba
2008-05-29 03:19:58
[slackware-security] samba
2007-11-17 01:28:32
checkpoint_advisories
checkpoint_advisories
Samba receive_smb_raw SMB Packets Parsing Buffer Overflow (CVE-2008-1105)
2008-11-18 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2007-11-15 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON
Related for USN-617-2
nessus43openvas80ubuntu3fedora9osv4samba2prion3centos7f52securityvulns6oraclelinux5ubuntucve2cvelist2debian4debiancve2veracode2seebug3cve3nvd3redhat5suse2gentoo2altlinux1slackware2checkpoint_advisories1freebsd1