Opened 10 years ago
Closed 10 years ago
#5321 closed enhancement (fixed)
samba-4.1.11
Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
---|---|---|---|
Priority: | normal | Milestone: | 7.6 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
http://ftp.samba.org/pub/samba/stable/samba-4.1.11.tar.gz
http://www.samba.org/samba/history/samba-4.1.11.html
This is a security release in order to address CVE-2014-3560 (Remote code execution in nmbd). o CVE-2014-3560: Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root). Changes since 4.1.10: --------------------- o Volker Lendecke <vl@samba.org> * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
Change History (2)
comment:1 by , 10 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 10 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r13811.