similar to: [SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote code execution in Samba's WINS == server daemon (nmbd) when processing name == registration followed name query requests. == == CVE ID#: CVE-2007-5398 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: When nmbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow

For those who haven't yet received this warning yet. Anybody from the core can tell about the background and possible fixes? <p>Regards, Stefan ------- Forwarded message follows ------- Date sent: Wed, 12 May 2004 13:50:17 +0200 To: secunia_security_advisories@stefan-neufeind.de Subject: [SA11578] Icecast Basic Authorization Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow

hi , anybody knows more about this ? http://secunia.com/advisories/36698/ http://secunia.com/advisories/36629/ http://secunia.com/advisories/36713/ -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria

Version 4.x users , ERIFY ADVISORY: http://secunia.com/advisories/15261/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch.asc VERIFY ADVISORY: http://secunia.com/advisories/15260/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:06/iir.patch

I just confirmed the following bug on my firefox. http://secunia.com/advisories/14820/ Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0 (I think my firefox is a month or two behind, from ports, but the advisary indicates both 1.0.1 and 1.0.2 are effected.) FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004

Please, note: http://secunia.com/advisories/23115/ A port maintainer CC'ed. -- Dixi. Sem.

http://secunia.com/advisories/54438/ Since I already got 3 private mails about this, here's the same reply for everyone (actually updated, now that I looked at the code): This was a v2.2-only bug. And it isn't really a DoS.. It only caused the one pop3 process to crash in assert, which was handling only the connection that had already disconnected. (Unless you were running a

As a Cygwin rsync package maintainer, the following security fixes have been brought to my attention: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-stats-fix.patch http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-fname-obo.patch And while they seem "trusted" enough to me (present in many packages such as Gentoo, FreeBSD

Hi, We're running samba 3.0.25a as a PDC on FreeBSD 6.1 in our office and few weeks ago, our samba PDC (and soon all the service hosted on this server) stop responding suddenly :-/ Everything went back to normal as soon as we disconnected from the network, all the hosts that were in the same room as the 10.0.0.20 host (after asking the domain user connected at that moment to this host, do

Hello, I have installed samba 2.2.2 from the ports collection in FreeBSD. It dumps core whenever someone tries to use the nmbd server. I can connect OK if I do smbclient //10.25.165.3 -U user but not by doing smbclient //server -U user Here's the relevant part of the samba logfile: [2001/12/21 14:23:20, 2] lib/interface.c:add_interface(85) added interface ip=127.0.0.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:05.cvs Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in CVS Category: contrib Module: cvs Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:05.cvs Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in CVS Category: contrib Module: cvs Announced:

I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Stack buffer overflow in nmbd's logon == request processing. == == CVE ID#: CVE-2007-4572 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: Processing of specially crafted GETDC == mailslot requests can result in a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Stack buffer overflow in nmbd's logon == request processing. == == CVE ID#: CVE-2007-4572 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: Processing of specially crafted GETDC == mailslot requests can result in a

Keir, I noticed that a Shadow patch went into the 3.1.1 staging tree today. Does this mean that we should expect a 4th release candidate before the 3.1.1 release tag is official? If so - how much testing time are you going to give that release candidate before deciding whether a release tag, or another RC round is appropriate? Ben Guthro _______________________________________________