Marcus Meissner schrieb: >> fixing a remotely exploitable buffer overflow vulnerability in the >> CIFS protocol. > assuming a malicious server.
Right. And assuming you can get the user to click on a link like smb://naked-teenage-girls-with-horses.evilhaxxx0r.com/ Unfortunately, this is a realistic attack scenario. > Even we as Linux distributors should probably set some people up to > study the .stable releases for such things. I think you absolutely have to, if you want to provide professional services to customers. As if you hadn't enough work to do already... Andreas _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
