FS#7176 - Security bugs in samba server 3.0.24
Attached to Project:
Arch Linux
Opened by Hussam Al-Tayeb (hussam) - Wednesday, 16 May 2007, 16:43 GMT
Last edited by Tobias Powalowski (tpowa) - Saturday, 19 May 2007, 17:25 GMT
Details
Samba server contains the following security bugs that were fixed in 3.0.25:
* CVE-2007-2444 (Samba 3.0.23d - 3.0.25pre2): Local SID/Name translation bug can result in user privilege elevation.
* CVE-2007-2446 (Samba 3.0.0 - 3.0.25rc3): Multiple heap overflows allow remote code execution.
* CVE-2007-2447 (Samba 3.0.0 - 3.0.25rc3): Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.

Can we get an update to 3.0.25?