linux.debian.announce.security :: debian-security-announce@lists.debian.org (Moderated)

linux.debian.announce.security

May 2008

mo	tu	we	th	fr	sa	su	w
			1	2	3	4	18
5	6	7	8	9	10	11	19
12	13	14	15	16	17	18	20
19	20	21	22	23	24	25	21
26	27	28	29	30	31		22

2008

Jan	Feb	Mar	Apr
May	Jun	Jul	Aug
Sep	Oct	Nov	Dec

linux.debian.announce.security Profile…

RELATED GROUPS

POPULAR GROUPS

more...

[SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution

Author: Florian Weimer
Date: May 30, 2008 13:40

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1590-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
May 30, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : samba
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id : CVE-2008-1105
Debian Bug : 483410

Alin Rad Pop discovered that Samba contained a buffer overflow condition
when processing certain responses received while acting as a client,
leading to arbitrary code execution (CVE-2008-1105).

For the stable distribution (etch), this problem has been fixed in version
3.0.24-6etch10.

Show full article (22.42Kb)

no comments