SuSE Update For Samba SUSE-SA:2007:068 Network Vulnerability

Impact

remote code execution

Solution

Please Install the Updated Packages.

Insight

The Samba suite is an open-source implementatin of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets. This bug can only be triggered if option &quot domain logon&quot is enabled.

Affected

samba on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1

References

http://www.novell.com/linux/security/advisories/2007_68_samba.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6015

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for clamav
SLES10: Security update for MozillaFirefox
SLES10: Security update for cyrus-sasl
SLES10: Security update for epiphany
SLES10: Security update for GnuTLS

SuSE Update for samba SUSE-SA:2007:068

Take action and discover your vulnerabilities