paul Posted November 30, 2007 Report Share Posted November 30, 2007 The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398). Update: This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572. Link to comment Share on other sites More sharing options...
Recommended Posts