Lucene search
UbuntuUSN-617-2HistoryJun 30, 2008 - 12:00 a.m.
Samba regression
2008-06-3000:00:00
ubuntu.com
41
Releases
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.06
Packages
- samba -
Details
USN-617-1 fixed vulnerabilities in Samba. The upstream patch
introduced a regression where under certain circumstances accessing
large files might cause the client to report an invalid packet
length error. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Samba developers discovered that nmbd could be made to overrun
a buffer during the processing of GETDC logon server requests.
When samba is configured as a Primary or Backup Domain Controller,
a remote attacker could send malicious logon requests and possibly
cause a denial of service. (CVE-2007-4572)
Alin Rad Pop of Secunia Research discovered that Samba did not
properly perform bounds checking when parsing SMB replies. A remote
attacker could send crafted SMB packets and execute arbitrary code.
(CVE-2008-1105)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | libsmbclient | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpam-smbpass | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libsmbclient-dev | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | samba | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | samba-common | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | samba-dbg | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | smbclient | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | smbfs | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | swat | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | winbind | < 3.0.28a-1ubuntu4.4 | UNKNOWN |
Related
nessus
nessus
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : samba regression (USN-617-2)
2008-07-02 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : samba vulnerabilities (USN-617-1)
2008-06-18 00:00:00
openSUSE 10 Security Update : cifs-mount (cifs-mount-5294)
2008-06-05 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2008-06-17 00:00:00
Samba vulnerabilities
2007-11-16 00:00:00
Samba regression
2007-11-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-617-1)
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-617-2)
2009-03-23 00:00:00
Ubuntu Update for samba vulnerabilities USN-617-1
2009-03-23 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: samba-3.0.30-0.fc8
2008-05-31 02:12:00
[SECURITY] Fedora 8 Update: samba-3.0.33-0.fc8
2008-12-03 01:24:47
[SECURITY] Fedora 7 Update: samba-3.0.28a-1.fc7
2008-05-31 02:17:57
securityvulns
securityvulns
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd
2007-11-16 00:00:00
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
2008-05-29 00:00:00
Samba buffer overflow
2008-05-29 00:00:00
debiancve
debiancve
CVE-2007-4572
2007-11-16 18:46:00
CVE-2008-1105
2008-05-29 16:32:00
prion
prion
Stack overflow
2007-11-16 18:46:00
Heap overflow
2008-05-29 16:32:00
Design/Logic Flaw
2008-09-23 17:01:00
ubuntucve
ubuntucve
CVE-2007-4572
2007-11-16 00:00:00
CVE-2008-1105
2008-05-29 00:00:00
f5
f5
K9642 : Samba vulnerability CVE-2008-1105
2013-03-25 00:00:00
SOL9642 - Samba vulnerability CVE-2008-1105
2009-01-28 00:00:00
osv
osv
samba - arbitrary code execution
2008-05-30 00:00:00
samba - several vulnerabilities (update)
2007-11-29 00:00:00
samba - several vulnerabilities
2007-11-29 00:00:00
centos
centos
samba security update
2008-05-28 23:35:27
samba security update
2008-05-28 20:10:34
samba security update
2008-06-26 12:32:19
samba
samba
Boundary failure when parsing SMB responses
2008-05-29 00:00:00
Stack buffer overflow in nmbd's logon
2007-11-15 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:29:03
Arbitrary Code Execution
2020-04-10 00:17:29
redhat
redhat
(RHSA-2008:0290) Critical: samba security and bug fix update
2008-05-28 00:00:00
(RHSA-2008:0288) Critical: samba security update
2008-05-28 00:00:00
(RHSA-2008:0289) Critical: samba security update
2008-05-28 00:00:00
oraclelinux
oraclelinux
samba security update
2008-05-28 00:00:00
samba security update
2008-05-28 00:00:00
samba security and bug fix update
2008-06-02 00:00:00
cve
cve
seebug
seebug
Sun Solaris Samba receive_smb_raw()远程缓冲区溢出漏洞
2009-02-02 00:00:00
Samba NMBD登录请求远程溢出漏洞
2007-11-17 00:00:00
Samba receive_smb_raw()函数堆溢出漏洞
2008-05-30 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package samba version 3.0.30-alt1
2008-05-28 00:00:00
suse
suse
remote code execution in samba
2008-06-04 17:18:43
remote code execution in samba
2007-12-05 16:05:59
gentoo
gentoo
Samba: Heap-based buffer overflow
2008-05-29 00:00:00
Samba: Execution of arbitrary code
2007-11-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Samba receive_smb_raw SMB Packets Parsing Buffer Overflow (CVE-2008-1105)
2008-11-18 00:00:00
slackware
slackware
[slackware-security] samba
2008-05-29 03:19:58
[slackware-security] samba
2007-11-17 01:28:32
debian
debian
[SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution
2008-05-30 20:31:43
[SECURITY] [DSA 1409-1] New samba packages fix several vulnerabilities
2007-11-22 00:00:00
[SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities
2007-11-29 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2007-11-15 00:00:00