Ubuntu
samba package

Memory exhaustion DoS against smbd

Bug #52619 reported by André Klitzing on 2006-07-11

254

Affects		Status	Importance	Assigned to	Milestone
	samba (Ubuntu)	Fix Released	High	Martin Pitt

Bug Description

The smbd daemon maintains internal data structures used track
active connections to file and printer shares. In certain
circumstances an attacker may be able to continually increase
the memory usage of an smbd process by issuing a large number
of share connection requests. This defect affects all Samba
configurations.

Info:
http://us1.samba.org/samba/security/CAN-2006-3403.html

CVE References

2006-3403

Revision history for this message

André Klitzing (misery) wrote on 2006-07-11: samba-3.0-CAN-2006-3403.patch

#1

samba-3.0-CAN-2006-3403.patch Edit (469 bytes, text/plain)

Patch from Samba-Team

http://us4.samba.org/samba/ftp/patches/security/samba-3.0-CAN-2006-3403.patch

Revision history for this message

Martin Pitt (pitti) wrote on 2006-07-11:

#2

Edgy is already fixed, and I already uploaded the -stable updates. USN will be released soon.

Changed in samba:
assignee:	nobody → pitti
importance:	Untriaged → High
status:	Unconfirmed → Fix Committed

Revision history for this message

Martin Pitt (pitti) wrote on 2006-07-19:

#3

This got fixed a while ago in http://www.ubuntu.com/usn/usn-314-1

Changed in samba:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

samba-3.0-CAN-2006-3403.patch Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.