Displaying 20 results from an estimated 800 matches similar to: "Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)"
2004 Sep 13
0
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Samba 3.0.x Denial of Service Flaw
Summary: (i) A DoS bug in smbd may allow an
unauthenticated user to cause smbd to
spawn new processes each one entering
an infinite loop. After sending a sufficient
amount of packets it is possible to exhaust
the memory resources on the server.
(ii) A DoS bug in nmbd may allow an attacker
to
2004 Dec 16
1
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Possible remote code execution
== CVE ID#: CAN-2004-1154
==
== Versions: Samba 2.x & 3.0.x <= 3.0.9
==
== Summary: A potential integer overflow when
== unmarshalling specific MS-RPC requests
== from clients could lead to heap
== corruption and remote code execution.
2004 Oct 05
0
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ERRATA
- ------
The original announcement for the Samba vulnerability identified
by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5
inclusive were subject the remote file access bug. Later research
has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the
exploitable code.
The Samba Team expresses sincere apologies for any confusion
2004 Nov 08
0
[SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Potential Remote Denial of Service
CVE #: CAN-2004-0930
Affected
Versions: Samba 3.0.x <= 3.0.7
Summary: A remote attacker could cause and smbd process
to consume abnormal amounts of system resources
due to an input validation error when matching
filenames containing wildcard characters.
Patch Availability
- ------------------
A
2004 Dec 16
0
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Possible remote code execution
== CVE ID#: CAN-2004-1154
==
== Versions: Samba 2.x & 3.0.x <= 3.0.9
==
== Summary: A potential integer overflow when
== unmarshalling specific MS-RPC requests
== from clients could lead to heap
== corruption and remote code execution.
2004 Oct 05
0
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ERRATA
- ------
The original announcement for the Samba vulnerability identified
by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5
inclusive were subject the remote file access bug. Later research
has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the
exploitable code.
The Samba Team expresses sincere apologies for any confusion
2007 May 14
0
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Remote Command Injection Vulnerability
== CVE ID#: CVE-2007-2447
==
== Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
==
== Summary: Unescaped user input parameters are passed
== as arguments to /bin/sh allowing for remote
== command execution
2004 Sep 30
0
Samba Security Announcement -- Potential Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Potential Arbitrary File Access
Affected
Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5
Summary: A remote attacker may be able to gain access
to files which exist outside of the share's
defined path. Such files must still be readable
by the account used for the connection.
Patch Availability
- ------------------
2004 Sep 30
0
SECURITY: Samba 2.2.12 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
######################## SECURITY RELEASE ########################
Summary: Potential Arbitrary File Access
Summary: A remote attacker may be able to gain
to files which exist outside of the share's
defined path. Such files must still be readable
by the account used for the connection.
CVE ID: CAN-2004-0815
2004 Sep 30
0
Samba Security Announcement -- Potential Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Potential Arbitrary File Access
Affected
Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5
Summary: A remote attacker may be able to gain access
to files which exist outside of the share's
defined path. Such files must still be readable
by the account used for the connection.
Patch Availability
- ------------------
2004 Sep 30
0
SECURITY: Samba 2.2.12 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
######################## SECURITY RELEASE ########################
Summary: Potential Arbitrary File Access
Summary: A remote attacker may be able to gain
to files which exist outside of the share's
defined path. Such files must still be readable
by the account used for the connection.
CVE ID: CAN-2004-0815
2004 Feb 18
2
is this mbuf problem real?
BM_207650
MEDIUM
Vulnerability
Version: 1 2/18/2004@03:47:29 GMT
Initial report
<https://ialert.idefense.com/KODetails.jhtml?irId=207650>
ID#207650:
FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability
(iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS)
vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers
to launch a DoS attack.
2003 Apr 08
0
[labs@idefense.com: iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x]
FYI
-------------- next part --------------
An embedded message was scrubbed...
From: "iDEFENSE Labs" <labs@idefense.com>
Subject: iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP
Server 2.x
Date: Tue, 8 Apr 2003 12:44:39 -0400
Size: 4554
Url: http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030408/43598086/attachment.eml
2007 Apr 17
0
VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow
Good day.
Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports,
but no sign of the issue in the VuXML. The entry is attached. One
thing that is a bit strange is that the ChangeLog for the ClamAV
(http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about
CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are
messed the numbers -- there is no such CVE, at
2004 Nov 15
0
[SECURITY] CAN-2004-0882: Possible Buffer Overrun in smbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Possible Buffer Overrun in smbd
CVE #: CAN-2004-0882
Affected
Versions: Samba 3.0.x <= 3.0.7
Summary: A possible buffer overrun in smbd could
lead to code execution by a remote user
Patch Availability
- ------------------
A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is
available from
2005 Mar 28
0
FreeBSD Security Advisory FreeBSD-SA-05:01.telnet
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-05:01.telnet Security Advisory
The FreeBSD Project
Topic: telnet client buffer overflows
Category: contrib
Module: contrib/telnet
Announced:
2004 Sep 20
0
FreeBSD Security Advisory FreeBSD-SA-04:14.cvs
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:14.cvs.asc Security Advisory
The FreeBSD Project
Topic: CVS
Category: contrib
Module: cvs
Announced: 2004-09-19
Credits: Stefan
2004 Sep 20
0
FreeBSD Security Advisory FreeBSD-SA-04:14.cvs
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:14.cvs.asc Security Advisory
The FreeBSD Project
Topic: CVS
Category: contrib
Module: cvs
Announced: 2004-09-19
Credits: Stefan
2012 Mar 20
4
Batch mode creates huge diffs, bug(s)?
So the short summary of my problem is, the batch file rsync creates is HUGE
for a very small change. The idea is to create workstation image with
partimage, update it with some software and send the image update diff over
the wire to a large number of destinations over a satellite link, but the
batch file updates are several orders of magnitude too large. I don't know
exactly how partimage
2009 Oct 27
2
OS X 10.6 (Snow Leopard) HFS+ File Compression
Are there any patches (or planned updates) to rsync v3.0.6 to handle
the HFS+ File Compression that Apple introduced with Snow Leopard?