thr3ads.net - Secure testing team - [Secure-testing-team] Bug#527894: CVE-2008-6800: Race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32 [May 2009]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-May-09 08:17 UTC

[Secure-testing-team] Bug#527894: CVE-2008-6800: Race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32

Package: samba
Version: 3.0.24-6etch10
Severity: serious
Tags: security etch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for samba.

CVE-2008-6800[0]:
| Race condition in the winbind daemon (aka winbindd) in Samba before
| 3.0.32 allows attackers to cause a denial of service (crash) via
| unspecified vectors related to an "unresponsive" child process.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6800
    http://security-tracker.debian.net/tracker/CVE-2008-6800


Cheers,
Giuseppe.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoFPDIACgkQNxpp46476apo+wCfT5V/l/VdW36gaUXyHV59WZIf
I30An1DbtApNktLwaj3gaa2MsXxtAXnv
=8f0N
-----END PGP SIGNATURE-----

Secure testing team - May 2009 - Bug#527894: CVE-2008-6800: Race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32

[Secure-testing-team] Bug#527894: CVE-2008-6800: Race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32