enterprise-support team mailing list archive

Thread
Date

[Bug 980758] Re: new buffer overflow attack on samba 3.6.3 -> enables unauthenticated remote root access

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Sean DS <980758@xxxxxxxxxxxxxxxxxx>
Date: Fri, 13 Apr 2012 12:16:58 -0000
Reply-to: Bug 980758 <980758@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Here is the patch. Samba 3.6.4 does not have this vulnerability.

** Patch added: "Patch for the unauthenticated root exploit bug - taken directly from samba website"
   https://bugs.launchpad.net/ubuntu/+source/samba/+bug/980758/+attachment/3058739/+files/samba-3.6.3-CVE-2012-1182.patch

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1182

** Changed in: samba (Ubuntu)
       Status: New => Invalid

** This bug is no longer flagged as a security vulnerability

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to samba in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/980758

Title:
  new buffer overflow attack on samba 3.6.3 -> enables unauthenticated
  remote root access

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/980758/+subscriptions