thr3ads.net - samba - [Samba] Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ? [Nov 2004]

If this information is useful, please help other people find it:
Share via:

Ville Herva

2004-Nov-17 07:30 UTC

[Samba] Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ?

Can someone confirm that Samba 2.2.x is not vulnerable to the recently
announced vulnerabilities CAN-2004-0930 and CAN-2004-0882?

The 0882 advisory 
  http://security.e-matters.de/advisories/132004.html
appears to imply 2.2.x is not vulnerable, but I couldn't find such
information for 0930 from the advisory
 
http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=true


-- v --

v@iki.fi

Ville Herva

2004-Nov-19 21:41 UTC

head link

[Samba] Re: Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ?

On Wed, Nov 17, 2004 at 09:29:07AM +0200, you [Ville Herva]
wrote:> Can someone confirm that Samba 2.2.x is not vulnerable to the recently
> announced vulnerabilities CAN-2004-0930 and CAN-2004-0882?
Judging from http://rhn.redhat.com/errata/RHSA-2004-632.html 2.2.12 is
vulnerable - at least RH includes patches for both issues in their new
RHEL2.1 errata package (I don't know if they researched whether or not both
are exploitable with 2.2.x code base.)


-- v --

v@iki.fi

samba - Nov 2004 - Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ?

[Samba] Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ?

[Samba] Re: Samba-2.2.x and CAN-2004-0930 & CAN-2004-0882 ?