[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Fwd: [Full-disclosure] stratsec Security Advisory SS-2010-005: Samba Multiple DoS
From:       Thomas Biege <thomas () suse ! de>
Date:       2010-05-26 9:23:35
Message-ID: 201005261123.35729.thomas () suse ! de
[Download RAW message or body]

Am Mittwoch 26 Mai 2010 09:46:44 schrieb Tomas Hoger:
> On Tue, 25 May 2010 17:10:04 +0200 Thomas Biege wrote:
> > So far no assignments were made, right?
> 
> Do you have any public bug report with further details about these
> flaws?

I am just aware of this posting to FD.


> According to our samba maintainers, this code is only executed
> in per-connection smbd child and one can only DoS own connection. It
> seems upstream has not handled this as security either.

That would be good. One samba update less.

Cheers,
Thomas


-- 
 Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach
[prev in list] [next in list] [prev in thread] [next in thread]