I am trying to do some research on two Samba Vulnerabilities; Samba MS-RPC Request Parsing Heap Buffer Overflows (CVE-2007-2446) and Samba Remote Command Injection Vulnerability (CVE-2007-2447). In reading the documentation for these vulnerabilities, it appears that the available patches, to fix the problems, are for version 3.0.24. I am currently running version 3.0.21, on Solaris 10. Does that mean that the vulnerability does not relate to my version? If not, is there somewhere that I can download the patch for version 3.0.21? If not, and the only way to resolve the vulnerability is to upgrade, are there upgrade documents somewhere? I have installation, but not upgrade documentation. Thanks
Pati M "UNIX is user friendly. It's just picky about who it's friends with." This email may contain material that is confidential, privileged, and/or attorney work product for the sole use of the intended recipient. Any review, reliance, or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
