Debian Security Advisory DSA 2175-1 (samba) Network Vulnerability

Summary

The remote host is missing an update to samba announced via advisory DSA 2175-1.

Solution

For the oldstable distribution (lenny), this problem has been fixed in version 3.2.5-4lenny14. For the stable distribution (squeeze), this problem has been fixed in version 3.5.6~dfsg-3squeeze2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your samba packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202175-1

Insight

Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.

Severity

Classification

CVE CVE-2011-0719

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1105-1 (xine-lib)
Debian Security Advisory DSA 1056-1 (webcalendar)
Debian Security Advisory DSA 062-1 (rxvt)
Debian Security Advisory DSA 1152-1 (trac)
Debian Security Advisory DSA 1055-1 (mozilla-firefox)

Take action and discover your vulnerabilities