Opened 10 years ago
Closed 10 years ago
#5321 closed enhancement (fixed)
samba-4.1.11
| Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
|---|---|---|---|
| Priority: | normal | Milestone: | 7.6 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
http://ftp.samba.org/pub/samba/stable/samba-4.1.11.tar.gz
http://www.samba.org/samba/history/samba-4.1.11.html
This is a security release in order to address
CVE-2014-3560 (Remote code execution in nmbd).
o CVE-2014-3560:
Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
unauthenticated nmbd NetBIOS name services.
A malicious browser can send packets that may overwrite the heap of
the target nmbd NetBIOS name services daemon. It may be possible to
use this to generate a remote code execution vulnerability as the
superuser (root).
Changes since 4.1.10:
---------------------
o Volker Lendecke <vl@samba.org>
* BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
Change History (2)
comment:1 by , 10 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 10 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r13811.