What Are You Looking For?

Sign Up

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200304-02
- - ---------------------------------------------------------------------

          PACKAGE : samba
          SUMMARY : Buffer overflow
             DATE : 2003-04-09 08:44 UTC
          EXPLOIT : remote
VERSIONS AFFECTED : <2.2.8a : fixed version>=2.2.8a
              CVE : CAN-2003-0201

- - ---------------------------------------------------------------------

- From advisory:

"An anonymous user can gain remote root access due to a buffer overflow caused
by a StrnCpy() into a char array (fname) using a non-constant length 
(namelen)."

Read the full advisory at: 
https://marc.theaimsgroup.com/?l=bugtraq&m=104972664226781&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-fs/samba upgrade to samba-2.2.8a as follows:

emerge sync
emerge samba
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

2.2.8a

Gentoo: samba buffer overflow vulnerability

An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen).

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200304-02
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------

- From advisory:

"An anonymous user can gain remote root access due to a buffer overflow caused
by a StrnCpy() into a char array (fname) using a non-constant length 
(namelen)."

Read the full advisory at: 
https://marc.theaimsgroup.com/?l=bugtraq&m=104972664226781&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-fs/samba upgrade to samba-2.2.8a as follows:

emerge sync
emerge samba
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

2.2.8a

Resolution

References

Availability

Concerns

Severity
PACKAGE : samba
SUMMARY : Buffer overflow
DATE : 2003-04-09 08:44 UTC
EXPLOIT : remote
VERSIONS AFFECTED : <2.2.8a : fixed version>=2.2.8a
CVE : CAN-2003-0201

Synopsis

Background

Affected Packages

Impact

Workaround

Related News

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

Oct 19, 2023

Linux Tries to Dump Windows' Notoriously Insecure RNDIS Protocol

Oct 5, 2023

Severe Chromium DoS, Info Disclosure Vulns Fixed

Oct 25, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo