similar to: [SECURITY] CAN-2004-0882: Possible Buffer Overrun in smbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Potential Remote Denial of Service CVE #: CAN-2004-0930 Affected Versions: Samba 3.0.x <= 3.0.7 Summary: A remote attacker could cause and smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Patch Availability - ------------------ A

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Samba 3.0.x Denial of Service Flaw Summary: (i) A DoS bug in smbd may allow an unauthenticated user to cause smbd to spawn new processes each one entering an infinite loop. After sending a sufficient amount of packets it is possible to exhaust the memory resources on the server. (ii) A DoS bug in nmbd may allow an attacker to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Samba 3.0.x Denial of Service Flaw Summary: (i) A DoS bug in smbd may allow an unauthenticated user to cause smbd to spawn new processes each one entering an infinite loop. After sending a sufficient amount of packets it is possible to exhaust the memory resources on the server. (ii) A DoS bug in nmbd may allow an attacker to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ERRATA - ------ The original announcement for the Samba vulnerability identified by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5 inclusive were subject the remote file access bug. Later research has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the exploitable code. The Samba Team expresses sincere apologies for any confusion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ERRATA - ------ The original announcement for the Samba vulnerability identified by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5 inclusive were subject the remote file access bug. Later research has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the exploitable code. The Samba Team expresses sincere apologies for any confusion

I have a pair of sites tied together with a T1 line running zaptel PPP on either end. The system works, but I keep getting these messages in the kernel logs, and users are reporting connection problems (TCP timeouts, and hangs) especially under high usage. --snip-- HDLC Receiver overrun on channel WCT1/0/1 (master=WCT1/0/1) HDLC Receiver overrun on channel WCT1/0/1 (master=WCT1/0/1) HDLC

Hello everyone, we try to use a server running linux in an NT-domain and get the error message given in the subject-line. More details from the logfile and smb.conf are given below. Can anyone give us a hint what the problem is? (Of course...) The problem is very urgent for us. Thanks a lot in advance. Helmut Rickel ================= smb.conf ======================== [global]

I have a system that I just installed with CentOS 4.0. It is an HP NetServer E 60 with dual CPUs and 1G RAM. There is an Adaptec AIC-7895 built into the motherboard. On bootup, I get this: (scsi0:A:1): 11.626MB/s transfers (5.813MHz, offset 8, 16bit) (scsi0:A:1:0): data overrun detected in Data-in phase. Tag == 0x2. (scsi0:A:1:0): Have seen Data Phase. Length = 255. NumSGs = 1. sg[0] - Addr

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated sudo packages fixing buffer overrun available Advisory ID: RHSA-2001:018-02 Issue date: 2001-02-23 Updated on: 2001-03-02 Product: Red Hat Linux Keywords: sudo buffer overrun Cross references:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Buffer overrun in NSS host lookup Winbind == library on Solaris == CVE ID#: CVE-2007-0453 == == Versions: Samba 3.0.21 - 3.0.23d (inclusive) running on == Sun Solaris == == Summary: A potential overrun in the gethostbyname() == and getipnodebyname() in the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Buffer overrun in NSS host lookup Winbind == library on Solaris == CVE ID#: CVE-2007-0453 == == Versions: Samba 3.0.21 - 3.0.23d (inclusive) running on == Sun Solaris == == Summary: A potential overrun in the gethostbyname() == and getipnodebyname() in the

Hi all I am getting this error, when running the command below from my workstation: `--> sudo net rpc info -S SMBPDC [2005/08/17 14:33:16, 0] rpc_parse/parse_prs.c:prs_mem_get(537) prs_mem_get: reading data of size 14287078 would overrun buffer. However, if I run the same command from the PDC itself, then it's ok: . ldapsmb-pdc:~# net rpc info Domain Name: ILR Domain SID:

Hello, The attached patch is to add an assert to getValueTypeList() to verify that for simple value types their value is NOT between MAX_ALLOWED_VALUETYPE and LastSimpleValueType (inclusive) as this causes a buffer overrun. Thanks, Javier -----Original Message----- From: Duncan Sands [mailto:baldrick at free.fr] Sent: Tuesday, April 27, 2010 5:07 AM To: Martinez, Javier E Cc: LLVM Developers

Asterisk Project Security Advisory - AST-2017-002 Product Asterisk Summary Buffer Overrun in PJSIP transaction layer Nature of Advisory Buffer Overrun/Crash Susceptibility Remote Unauthenticated Sessions Severity Critical

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated sudo packages fixing buffer overrun available Advisory ID: RHSA-2001:019-02 Issue date: 2001-02-23 Updated on: 2001-03-21 Product: Red Hat Powertools Keywords: sudo buffer overrun Cross references:

On Sun, Aug 17, 2003 at 03:44:21AM -0500, Gnophone Support wrote: > Hello, and thank you for registering at gnophone.com. Your login > information is listed below: > > Username: miernik > Password: ******* > IAX Phone Number: 17002916107 > > Please login as soon as possible to > http://x.linux-support.net/directory/ to complete the

When a forwarding specification ending in a slash ('\\') is used, the function "parse_fwd_field" jumps over the '\0' char marking the end of the string and keeps processing. This patch checks for that condition. -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Fix-buffer-overrun.patch Type: application/text Size: 850 bytes Desc:

Has anybody had this problem? I came in this morning and found my streamer down and this message flashing by on the console. "Sound: Recording Overrun" I'm running Icecast 1.3.11 and the source is Liveice on Redhat 7.1 if that makes a difference. <p>Just curious, Matt <p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: