samba - Sep 2010 - Regarding the code Change for CVE-2010-3069 ( Buffer Overrun Vulnerability )

Hi All,

We are trying to fix the  CVE-2010-3069 ( Buffer Overrun Vulnerability ) in
the  Samba 3.0.28a Source code.
According to  Samba-3.3.13-CVE-2010-3069 patch, we have changed  the code
of  Samba 3.0.28a.We are unable to modify
samba-3.0.28a(source/smbd/nttrance.c ) code due to following reason.

In the Samba-3.3-13 /source/smbd/nttrance.c   we  are using "req" that
of
"struct smb_request" type as a parameter in the call_nt_transact_ioctl
,
call_nt_transact_get_user_quota and call_nt_transact_set_user_quota
functions.But there is no "req" in the 3.0.28a code.We are facing the
problem where we have to change the code of Samba 3.0.28.a.


Any suggestions please help us...

On Wed, Sep 29, 2010 at 03:51:01PM +0530, ssamba321 s321
wrote:
> We are trying to fix the  CVE-2010-3069 ( Buffer Overrun Vulnerability ) in
> the  Samba 3.0.28a Source code.
> According to  Samba-3.3.13-CVE-2010-3069 patch, we have changed  the code
> of  Samba 3.0.28a.We are unable to modify
> samba-3.0.28a(source/smbd/nttrance.c ) code due to following reason.
> 
> In the Samba-3.3-13 /source/smbd/nttrance.c   we  are using "req"
that of
> "struct smb_request" type as a parameter in the
call_nt_transact_ioctl ,
> call_nt_transact_get_user_quota and call_nt_transact_set_user_quota
> functions.But there is no "req" in the 3.0.28a code.We are facing
the
> problem where we have to change the code of Samba 3.0.28.a.
> 
> 
> Any suggestions please help us...
Sorry, but the Samba Team has discontinued support for 3.0
more than a year ago. However, quite a few distributors like
RedHat and probably debian have backported the security to
their shipped versions of Samba 3.0.

ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.33-0.19.el4_8.3.src.rpm

is the current RedHat RPM. Contained in that RPM is a file
called samba-3.0.37-CVE-2010-3069.patch, which might be a
bit closer to what you need.

Volker