Slackware Advisory SSA:2004-257-01 Samba DoS Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-257-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-257-01

Insight

New samba packages are available for Slackware 10.0 and -current. These fix two denial of service vulnerabilities reported by iDEFENSE. Slackware -current has been upgraded to samba-3.0.7, while the samba-3.0.5 included with Slackware 10.0 has been patched to fix these issues. Sites running Samba 3.x should upgrade to the new package. Versions of Samba before 3.0.x are not affected by these flaws. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0808

Severity

Classification

CVE CVE-2004-0807, CVE-2004-0808

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Slackware Advisory SSA:2005-195-02 XV
Slackware Advisory SSA:2006-178-03 arts
Slackware Advisory SSA:2006-142-01 tetex PDF security
Slackware Advisory SSA:2007-066-05 seamonkey
Slackware Advisory SSA:2003-141-06a REVISED quotacheck security fix in rc.M

Slackware Advisory SSA:2004-257-01 samba DoS

Take action and discover your vulnerabilities