FreeBSD : samba -- format string bug in afsacl.so VFS plugin (57ae52f7-b9cc-11db-bf0f-0013720b182d)

The Samba Team reports : NOTE: This security advisory only impacts Samba servers that share AFS file systems to CIFS clients and which have been explicitly instructed in smb.conf to load the afsacl.so VFS module. The source defect results in the name of a file stored on disk being used as the...

Samba服务器VFS插件afsacl.so远程格式串处理漏洞

Samba是一套实现SMB（Server Messages Block）协议、跨平台进行文件共享和打印共享服务的程序。 Samba的VFS插件afsacl.so库在处理文件名时存在格式串漏洞，攻击者可能利用此漏洞诱使用户处理恶意的VFS分区控制服务器。 Samba在调用snprintf时将磁盘上所储存的文件名用作了格式串，如果用户能够写入的共享使用Samba的afsacl.so库对AFS文件系统上的文件设置Windows NT访问控制列表的话，就可能通过文件名中的格式串标识符导致执行任意代码。 这个漏洞仅影响与CIFS共享了AFS文件系统并在smb.conf中明确要求加载afsacl.s...

Format string bug in afsacl.so VFS plugin.

Description NOTE: This security advisory only impacts Samba servers that share AFS file systems to CIFS clients and which have been explicitly instructed in smb.conf to load the afsacl.so VFS module. The source defect results in the name of a file stored on disk being used as the format string in...

Samba file server multiple security vulnerabilities

Solaris nsswinbind.so.1 gethostbyname and nsswinbind.so.1 functions buffer overflow. Remote DoS in smbd with infinite loop. Format string vulnerability in VFS afsacl.so plugin...

samba -- format string bug in afsacl.so VFS plugin

The Samba Team reports: NOTE: This security advisory only impacts Samba servers that share AFS file systems to CIFS clients and which have been explicitly instructed in smb.conf to load the afsacl.so VFS module. The source defect results in the name of a file stored on disk being used as the form...