~ubuntu-security/ubuntu-cve-tracker/master

PublicDate: 2007-11-16
Candidate: CVE-2007-4572
References:
 http://www.ubuntu.com/usn/usn-617-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
Description:
 Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when
 configured as a Primary or Backup Domain controller, allows remote
 attackers to have an unknown impact via crafted GETDC mailslot requests,
 related to handling of GETDC logon server requests.
Ubuntu-Description:
Notes:
 jdstrand> believed by upstream to be unexploitable
 jdstrand> Debian 3.0.24-6etch8 should be regression free (check earlier
   versions too)
 jdstrand> suse has most complete fix
Bugs:
Priority: low
Assigned-to: jdstrand

Patches_samba:
upstream_samba: 3.0.27a
dapper_samba: released (3.0.22-1ubuntu3.7)
edgy_samba: needed (reached end-of-life)
feisty_samba: released (3.0.24-2ubuntu1.6)
gutsy_samba: released (3.0.26a-1ubuntu2.4)
hardy_samba: not-affected (3.0.28-1ubuntu2)
devel_samba: not-affected (3.0.28-1ubuntu2)