[samba-jp:18773] Re: [FYI] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

2006年 7月 11日 (火) 07:40:04 JST

In message <20060710223743.GB19582 ＠ mail.linux.bs1.fc.nec.co.jp>
	on Tue, 11 Jul 2006 07:37:43 +0900,
	oota ＠ mail.linux.bs1.fc.nec.co.jp wrote:
> 既存のSamba3系列でのセキュリティ情報です。
> 
> ==========================================================
> ==
> == Subject:     Memory exhaustion DoS against smbd
> == CVE ID#:     CAN-2006-1059
> ==
> == Versions:    Samba Samba 3.0.1 - 3.0.22 (inclusive)
> ==
> == Summary:     smbd may allow internal structures
> ==              maintaining state for share connections
> ==              to grow unbounded.
> ==
> ==========================================================
続報で、

> This is a cut-n-paste error.  The correct CVE # is
> CVE-2006-3403.  Sorry for any confusion. It has been
> updated on the web site as well.

とのことです。

-- 
神戸 隆博 / Takahiro Kambe