Hi,
it seems, that samba <=3.0.7 contains an additional, more severe
vulnerability besides the DoS described in
http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
According to
http://security.e-matters.de/advisories/132004.html ,
samba <=3.0.7 contains a vulnerabilty, that allows remote code injection
and execution.
This has been fixed in samba 3.0.8 as well, but no advisory has been
released, since the samba developers believed the bug to be
non-exploitable.
Marc
--
gentoo-security@gentoo.org mailing list
it seems, that samba <=3.0.7 contains an additional, more severe
vulnerability besides the DoS described in
http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
According to
http://security.e-matters.de/advisories/132004.html ,
samba <=3.0.7 contains a vulnerabilty, that allows remote code injection
and execution.
This has been fixed in samba 3.0.8 as well, but no advisory has been
released, since the samba developers believed the bug to be
non-exploitable.
Marc
--
gentoo-security@gentoo.org mailing list