Slackware Advisory SSA:2004-257-01 Samba DoS Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-257-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-257-01

Insight

New samba packages are available for Slackware 10.0 and -current. These fix two denial of service vulnerabilities reported by iDEFENSE. Slackware -current has been upgraded to samba-3.0.7, while the samba-3.0.5 included with Slackware 10.0 has been patched to fix these issues. Sites running Samba 3.x should upgrade to the new package. Versions of Samba before 3.0.x are not affected by these flaws. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0808

Severity

Classification

CVE CVE-2004-0807, CVE-2004-0808
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Slackware Advisory SSA:2006-120-01 thunderbird
Slackware Advisory SSA:2005-310-04 apache
Slackware Advisory SSA:2003-251-01 inetd DoS patched
Slackware Advisory SSA:2007-066-05 seamonkey
Slackware Advisory SSA:2003-141-01 EPIC4 security fixes

Slackware Advisory SSA:2004-257-01 samba DoS

Take action and discover your vulnerabilities