SuSE Update For Samba SUSE-SA:2007:068 Network Vulnerability

Impact

remote code execution

Solution

Please Install the Updated Packages.

Insight

The Samba suite is an open-source implementatin of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets. This bug can only be triggered if option &quot domain logon&quot is enabled.

Affected

samba on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1

References

http://www.novell.com/linux/security/advisories/2007_68_samba.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6015
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Recommended update for Linux Kernel (x86)
SLES10: Security update for IBM Java 1.4.2
SLES10: Security update for mutt
SLES10: Security update for hplip17 and hplip17-hpijs
SLES10: Security update for Linux Kernel (x86)

SuSE Update for samba SUSE-SA:2007:068

Take action and discover your vulnerabilities