search for: fsctl_srv_enumerate_snapshot

...ious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges. Samba 3.6.25 also includes a fix for CVE-2014-0178 (Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response). o CVE-2014-0178: In preparing a response to an authenticated FSCTL_GET_SHADOW_COPY_DATA or FSCTL_SRV_ENUMERATE_SNAPSHOTS client request, affected versions of Samba do not initialize 8 bytes of the 16 byte SRV_SNAPSHOT_ARRAY response field. The uninitialized buffer is sent...

...ious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges. Samba 3.6.25 also includes a fix for CVE-2014-0178 (Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response). o CVE-2014-0178: In preparing a response to an authenticated FSCTL_GET_SHADOW_COPY_DATA or FSCTL_SRV_ENUMERATE_SNAPSHOTS client request, affected versions of Samba do not initialize 8 bytes of the 16 byte SRV_SNAPSHOT_ARRAY response field. The uninitialized buffer is sent...

...uncements --------------------- This is the latest stable release of Samba 4.0. Please note that this bug fix release also addresses two minor security issues without being a dedicated security release: o CVE-2014-0239: dns: Don't reply to replies (bug #10609). o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (bug #10549). For more details including security advisories and patches, please see http://www.samba.org/samba/history/security.html Changes since 4.0.17: --------------------- o Michael Adam <obnox at samba.org> * BUG 10548: build: Fix ordering problems with lib-...

...uncements --------------------- This is the latest stable release of Samba 4.0. Please note that this bug fix release also addresses two minor security issues without being a dedicated security release: o CVE-2014-0239: dns: Don't reply to replies (bug #10609). o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (bug #10549). For more details including security advisories and patches, please see http://www.samba.org/samba/history/security.html Changes since 4.0.17: --------------------- o Michael Adam <obnox at samba.org> * BUG 10548: build: Fix ordering problems with lib-...

...uncements --------------------- This is the latest stable release of Samba 4.1. Please note that this bug fix release also addresses two minor security issues without being a dedicated security release: o CVE-2014-0239: dns: Don't reply to replies (bug #10609). o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (bug #10549). For more details including security advisories and patches, please see http://www.samba.org/samba/history/security.html Changes since 4.1.7: -------------------- o Michael Adam <obnox at samba.org> * BUG 10548: build: Fix ordering problems with lib-pro...

...uncements --------------------- This is the latest stable release of Samba 4.1. Please note that this bug fix release also addresses two minor security issues without being a dedicated security release: o CVE-2014-0239: dns: Don't reply to replies (bug #10609). o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (bug #10549). For more details including security advisories and patches, please see http://www.samba.org/samba/history/security.html Changes since 4.1.7: -------------------- o Michael Adam <obnox at samba.org> * BUG 10548: build: Fix ordering problems with lib-pro...