Opened 8 years ago

Closed 8 years ago

#5321 closed enhancement (fixed)


Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: normal Milestone: 7.6
Component: BOOK Version: SVN
Severity: normal Keywords:


This is a security release in order to address
CVE-2014-3560 (Remote code execution in nmbd).

o  CVE-2014-3560:
   Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
   unauthenticated nmbd NetBIOS name services.

   A malicious browser can send packets that may overwrite the heap of
   the target nmbd NetBIOS name services daemon. It may be possible to
   use this to generate a remote code execution vulnerability as the
   superuser (root).

Changes since 4.1.10:

o   Volker Lendecke <>
    * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.

Change History (2)

comment:1 by Fernando de Oliveira, 8 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r13811.

Note: See TracTickets for help on using tickets.