Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-556-1: Samba vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-556-1: Samba vulnerability
# 1  
Old 12-24-2007
USN-556-1: Samba vulnerability
Referenced CVEs:
CVE-2007-6015


Description:
=========================================================== Ubuntu Security Notice USN-556-1 December 18, 2007samba vulnerabilityCVE-2007-6015===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libsmbclient 3.0.22-1ubuntu3.6 samba 3.0.22-1ubuntu3.6Ubuntu 6.10: libsmbclient 3.0.22-1ubuntu4.5 samba 3.0.22-1ubuntu4.5Ubuntu 7.04: libsmbclient 3.0.24-2ubuntu1.5 samba 3.0.24-2ubuntu1.5Ubuntu 7.10: libsmbclient 3.0.26a-1ubuntu2.3 samba 3.0.26a-1ubuntu2.3In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Alin Rad Pop discovered that Samba did not correctly check the sizeof reply packets to mailslot requests. If a server was configuredwith domain logon enabled, an unauthenticated remote attacker could senda specially crafted domain logon packet and execute arbitrary code orcrash the Samba service. By default, domain logon is disabled in Ubuntu.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT OSX

openpam_free_data

OPENPAM_FREE_DATA(3)					   BSD Library Functions Manual 				      OPENPAM_FREE_DATA(3)

NAME

     openpam_free_data -- generic cleanup function

LIBRARY

     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS

     #include <sys/types.h>
     #include <security/pam_appl.h>
     #include <security/openpam.h>

     void
     openpam_free_data(pam_handle_t *pamh, void *data, int status);

DESCRIPTION

     The openpam_free_data function is a cleanup function suitable for passing to pam_set_data(3).  It simply releases the data by passing its
     data argument to free(3).

SEE ALSO

     free(3), pam(3), pam_set_data(3)

STANDARDS

     The openpam_free_data function is an OpenPAM extension.

AUTHORS

     The openpam_free_data function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laborato-
     ries, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the
     DARPA CHATS research program.

BSD
								 December 21, 2007							       BSD