[Please upgrade if you run swat on Samba 3.x. Updated distribution packages should be available soon -- Raju]
This is an RFC 1153 digest. (1 message) ---------------------------------------------------------------------- Message-ID: <[EMAIL PROTECTED]> From: "Evgeny Demidov" <[EMAIL PROTECTED]> Sender: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [Full-Disclosure] Samba 3.x swat preauthentication buffer overflow Date: Thu, 22 Jul 2004 19:05:55 +0400 Name: Samba 3.x swat preauthentication buffer overflow Date: 22 Jule 2004 CVE candidate: CAN-2004-0600 Author: Evgeny Demidov Description: There exists a remote preauthentication buffer overflow in Samba 3.x swat administration service. All version of Samba 3.0.2-3.0.4 are vulnerable to our knowledge. Fix: Samba 3.0.5 which fixes this problem is available: http://www.samba.org/samba/whatsnew/samba-3.0.5.html History: 28 April 2004 - vulnerability has been discovered during Samba source code audit by Evgeny Demidov 29 April 2004 - vulnerability details has been made available to VulnDisco clients 14 Jule 2004 - vulnerability has been reported to Samba Team 22 Jule 2004 - public release of the advisory _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ------------------------------ End of this Digest ****************** -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
