similar to: [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.

Hey all, I have a many-to-many relationship (Questions has_and_belongs_to_many Answers), and when I destroy the Question (the one) I also destroy all the Answers (the many). Since the following doesn''t seem to work for has_and_belongs_to_many: class Question < AR::Base... has_and_belongs_to_many :answers, :dependent => :destroy end I have this embedded in a transaction block

Martin: I suspect this is an issue with post-DAG legalization store merging in the DAGCombiner. If you have a custom lowered type the DAGCombiner may end up merging a set of stores and immediately splitting them up in legalization. You should be able to disable this pass universally by overriding mergeStoresAfterLegalization() or conditionally for cases that shouldn't match with

Hi LLVM-Devs, I am in the process of updating our out-of-tree implementation from v5.0 to v6.0 RC3, and while it builds and mostly runs, I am having trouble with a small number of tests where the 'WorklistMap' in 'DAGCombiner::Run' never becomes empty. This is resulting in a runaway state of continuous heap allocation until the process exhausts all system memory. But I can't

************* eManager Notification ************** Recipient, Content filter has detected a sensitive e-mail. Destination mailbox(es): "samba@samba.org" ******************* End of message ******************* -------------- next part -------------- Received: from 208.8.92.167 by jupiter.INSIDEAI.COM (InterScan E-Mail VirusWall NT); Sun, 19 Oct 2003 14:55:27 -0400 Received: from

regarding the segfault that shows up when calling pam_open_session in sshd under solaris-- In the dec 1 Solaris 7 patch report update, there is one mention of pam: Patch-ID# 107285-01 Synopsis: SunOS 5.7: passwd & pam_unix.so.1 patch BugId's fixed with this patch: 4172457 Changes incorporated in this version: Date: Aug/17/99 but it doesn't seem to be freely available -- when looking

We discovered what is happening. SDAGCombiner essentially looks at various combinations of nodes to do with vectors, and when it can, it creates a vector shuffle. The problem is, that our vector shuffle lowering builds new trees with vector element, or vector sub-vector insert sequences. The generic DAGCombiner, reconstructs these into a new shuffle, and so the loop continues - we reduce it,

I am starting with a matrix in which rows are vegetation plots and columns are various characteristics including ID# and elevation. I removed elevation and ID columns to avoid having those characteristics influence the distances between points which I calculated using the "dist" command. The resulting distance file was then used in isoMDS. What I want to know is whether I can

I would like to get a curve of normal distrubtion over the histogram. Something like the following (which obviously doesn't work; see attached example). maluj <- function() { vrhy=read.csv("pennies.csv",head=TRUE) hf=table(vrhy$HEADS) postscript("heads.eps",onefile=FALSE,width=4.134,height=3.445,pointsize=12) plot(hf,main="Frequency distribution of

Martin: It sounds like you are doing is more akin to shuffle selection than fusion and therefore it's a better fit for instruction selection than DAGCombining. Try movign it to <Target>ISelDAGToDAG's Select (or potentially PreprocessISelDAG). Th -Nirav On Tue, Mar 6, 2018 at 4:05 PM Martin J. O'Riordan <MartinO at theheart.ie> wrote: > We discovered what is

Samba 3.2.5 on Debian Lenny From: http://www.samba.org/samba/docs/server_security.html "Samba is able to limit the number of concurrent connections when smbd is launched as a daemon (not from inetd). The 'max smbd processes' smb.conf option allows Administrators to define the maximum number of smbd processes running at any given point in time. Any further attempts from clients to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow

Asterisk Project Security Advisory - AST-2016-007 Product Asterisk Summary RTP Resource Exhaustion Nature of Advisory Denial of Service Susceptibility Remote Authenticated Sessions Severity Moderate

Hey Guys, The ForceFeedback from my Microsoft Sidewinder ForceFeedback Wheel doesn't work with Wine. I compiled wine myself and "ac_cv_member_struct_ff_effect_direction=yes" was set in the config.log like it is told here: http://wiki.winehq.org/ForceFeedback I also checked that FF is working with BZFlag under Linux. When i play BZFlag with Wine, the FF-Effects are missing. I

Asterisk Project Security Advisory - AST-2017-004 Product Asterisk Summary Memory exhaustion on short SCCP packets Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity

Open-Xchange Security Advisory 2020-08-12 Affected product: Dovecot IMAP server Internal reference: DOP-1849 (Bug ID) Vulnerability type: Uncontrolled recursion (CWE-674) Vulnerable version: 2.0 Vulnerable component: submission, lmtp, lda Fixed version: 2.3.11.3 Report confidence: Confirmed Solution status: Fix available Vendor notification: 2020-04-23 CVE reference: CVE-2020-12100 CVSS: 7.5

Open-Xchange Security Advisory 2020-08-12 Affected product: Dovecot IMAP server Internal reference: DOP-1849 (Bug ID) Vulnerability type: Uncontrolled recursion (CWE-674) Vulnerable version: 2.0 Vulnerable component: submission, lmtp, lda Fixed version: 2.3.11.3 Report confidence: Confirmed Solution status: Fix available Vendor notification: 2020-04-23 CVE reference: CVE-2020-12100 CVSS: 7.5

Asterisk Project Security Advisory - AST-2014-007 Product Asterisk Summary Exhaustion of Allowed Concurrent HTTP Connections Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity

Asterisk Project Security Advisory - AST-2014-007 Product Asterisk Summary Exhaustion of Allowed Concurrent HTTP Connections Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity

Asterisk Project Security Advisory - AST-2016-002 Product Asterisk Summary File descriptor exhaustion in chan_sip Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Minor