Displaying 20 results from an estimated 800 matches similar to: "CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9"
2004 Dec 16
0
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Possible remote code execution
== CVE ID#: CAN-2004-1154
==
== Versions: Samba 2.x & 3.0.x <= 3.0.9
==
== Summary: A potential integer overflow when
== unmarshalling specific MS-RPC requests
== from clients could lead to heap
== corruption and remote code execution.
2005 Nov 21
2
Samba HA on two nodes
Hi All,
Is anybody succeed to run a configuration on a two node clusters with Samba installed on each machine?
I compiled two versions on different directories (/usr/local/samba1 and samba2).
At this point, I can run 2 samba's on one node in case of failure but problems are on Active Directory
authentication for the Fallback node.
Any suggestion!
I'm running AIX 5.2 with HACMP and
2005 Mar 07
1
Copying printer drivers across many servers
List,
I am deploying a number of Samba servers across a WAN. To date I have
manually uploaded printer drivers from an XP client to the Samba
server. But it's slow, and I systematically upload the same drivers
over and over again.
I'm not quite sure of the recipe, but I'm sure there must be a way of
replicating all the drivers, from a central point, out to the remote
servers. Copying
2004 Feb 18
2
is this mbuf problem real?
BM_207650
MEDIUM
Vulnerability
Version: 1 2/18/2004@03:47:29 GMT
Initial report
<https://ialert.idefense.com/KODetails.jhtml?irId=207650>
ID#207650:
FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability
(iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS)
vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers
to launch a DoS attack.
2004 Dec 23
3
time for a poll -- does anyone use the testprns tool ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mostly for print server admins:
I am considering marking testprns as deprecated (or just
remove it). It doesn't seem to be that useful anymore. Does
anyone use it on a regular basis and would therefore be distraught
if it were gone in a future 3.0.x release ?
cheers, jerry
-
2005 Jan 05
2
Samba and Cups interaction
While trying to solve my printer problem, I have come up with another question
that Google is not helping me with. What happens to a print job after Samba
submits it to Cups? Is it 'finished' even though Cups is still printing it?
Is that why my users aren't seeing their print jobs, because Cups has already
snatched them and Samba assumes they are done? I would much rather if
2005 Jan 13
2
WinXP print problem
Hello,
I am using samba to acces a printer on my Linux server from Windows XP
Home SP2 clients.
It was working very well until yesterday evening. Since yesterday, I can
print from the server (with cups) but I can't print from the Windows
clients.
And all the shared folders are still OK. There is only printing from
Windows clients which doesn't work.
We changed nothing on the server
2004 Dec 14
4
Samba 3.0.9 doesn't remove printjobs ?
Hello!
I'm using samba with CUPS printing (with raw passthru)
for a long time now and it worked very well.
But after upgrading my samba installation from 3.0.2 to 3.0.9,
the printjobs (sent from XP Workstations) aren't
removed from the joblist anymore.
Means: the job is printed correctly, but opening the
printqueue on the XP machine still contains the job
(not only mine, but jobs from
2005 Jan 25
3
Best practices for long-running Samba server
Hi all,
I have been having the weirdest network browsing problems on my network the
past week. Come to find out the wins.dat file got corrupted. Removing that
file fixed everything. Because our systems typically have uptimes measured
in months rather than days, and it is difficult for me to restart Samba
except as a scheduled task (which I'm afraid to do because there are users
who
2005 Apr 28
5
Mirrored samba servers.
I have a customer that is using 250 gig drives for his business data. I
have been using rsync to keep mirror copies of his data on a second
machine. In the last 3 months I have lost 2 of four drives, the last
one being the system drive. I have been doing a manual switchover. Each
time rsync runs, I copy my samba conf files, passwd, shadow and group
files from etc. Has anyone setup a HA
2004 Sep 13
0
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Samba 3.0.x Denial of Service Flaw
Summary: (i) A DoS bug in smbd may allow an
unauthenticated user to cause smbd to
spawn new processes each one entering
an infinite loop. After sending a sufficient
amount of packets it is possible to exhaust
the memory resources on the server.
(ii) A DoS bug in nmbd may allow an attacker
to
2004 Sep 13
0
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Samba 3.0.x Denial of Service Flaw
Summary: (i) A DoS bug in smbd may allow an
unauthenticated user to cause smbd to
spawn new processes each one entering
an infinite loop. After sending a sufficient
amount of packets it is possible to exhaust
the memory resources on the server.
(ii) A DoS bug in nmbd may allow an attacker
to
2005 Feb 15
2
pdf printing queue never empties out
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings.
I'm seeing an odd problem with 3.0.10 and 3.0.11 here.
We have some pdf printers defined:
[Accounting pdf printer]
printer admin = "DOMAIN+Domain Users"
browseable = yes
path = /pdfdropbox/Accounting
printable = yes
writeable = no
print command = /usr/bin/preprintpdf %s -r
lpq command =
lprm command =
2004 Mar 02
7
FreeBSD Security Advisory FreeBSD-SA-04:04.tcp
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:04.tcp Security Advisory
The FreeBSD Project
Topic: many out-of-sequence TCP packets denial-of-service
Category: core
Module: kernel
2004 Oct 05
0
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ERRATA
- ------
The original announcement for the Samba vulnerability identified
by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5
inclusive were subject the remote file access bug. Later research
has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the
exploitable code.
The Samba Team expresses sincere apologies for any confusion
2004 Nov 08
0
[SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Potential Remote Denial of Service
CVE #: CAN-2004-0930
Affected
Versions: Samba 3.0.x <= 3.0.7
Summary: A remote attacker could cause and smbd process
to consume abnormal amounts of system resources
due to an input validation error when matching
filenames containing wildcard characters.
Patch Availability
- ------------------
A
2004 Oct 05
0
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ERRATA
- ------
The original announcement for the Samba vulnerability identified
by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5
inclusive were subject the remote file access bug. Later research
has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the
exploitable code.
The Samba Team expresses sincere apologies for any confusion
2005 Jan 26
1
memory issues with samba 3.0.10
I'm still having problems with that memory issue using 3.0.10 with v.2
of the printing patch + the one line patch from Jerome Borsboom. My
production server has completely frozen a couple times in the past
couple weeks, and did so again this morning. This time before
restarting samba I removed the tdb files in /var/lib/samba/printing/*
as Jerry mentioned this might help the queue not
2007 May 14
0
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Remote Command Injection Vulnerability
== CVE ID#: CVE-2007-2447
==
== Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
==
== Summary: Unescaped user input parameters are passed
== as arguments to /bin/sh allowing for remote
== command execution
2004 Sep 30
0
Samba Security Announcement -- Potential Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Subject: Potential Arbitrary File Access
Affected
Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5
Summary: A remote attacker may be able to gain access
to files which exist outside of the share's
defined path. Such files must still be readable
by the account used for the connection.
Patch Availability
- ------------------