Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#7176 - Security bugs in samba server 3.0.24
Attached to Project:
Arch Linux
Opened by Hussam Al-Tayeb (hussam) - Wednesday, 16 May 2007, 16:43 GMT
Last edited by Tobias Powalowski (tpowa) - Saturday, 19 May 2007, 17:25 GMT
Opened by Hussam Al-Tayeb (hussam) - Wednesday, 16 May 2007, 16:43 GMT
Last edited by Tobias Powalowski (tpowa) - Saturday, 19 May 2007, 17:25 GMT
|
DetailsSamba sever contains the following security bugs that were fixed in 3.0.25:
* CVE-2007-2444 (Samba 3.0.23d - 3.0.25pre2): Local SID/Name translation bug can result in user privilege elevation. * CVE-2007-2446 (Samba 3.0.0 - 3.0.25rc3): Multiple heap overflows allow remote code execution. * CVE-2007-2447 (Samba 3.0.0 - 3.0.25rc3): Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution. Can we get an update to 3.0.25? |
