• This forum has a zero tolerance policy regarding spam. If you register here to publish advertising, your user account will be deleted without further questions.

Samba CAN-2004-0930

Thorsten

SSF Facilitymanagement
Staff member
Release: 20041112
Obsoletes: none

Indications

Install this update if you use Samba as a file server.

Problem description

A remote attacker could cause and smbd process to consume
abnormal amounts of system resources due to an input
validation error when matching filenames containing wildcard
characters. (CVE id CAN-2004-0930)

With this version we've also fixed the roundup problem
(returning 1mb roundup) for non-Windows clients.

You find a detailed overview about all Samba Security
Releases at:
http://www.Samba.org/samba/history/security.html

The Samba Team provides also a general "Server Security"
documentation at:
http://www.Samba.org/samba/docs/server_security.html

Solution

Please install the updates provided at the location noted
below.

Installation notes

This update is provided as an RPM package that can easily be
installed onto a running system by using this command:

rpm -Fhv samba.rpm
 
Back
Top