Here is the patch. Samba 3.6.4 does not have this vulnerability. ** Patch added: "Patch for the unauthenticated root exploit bug - taken directly from samba website" https://bugs.launchpad.net/ubuntu/+source/samba/+bug/980758/+attachment/3058739/+files/samba-3.6.3-CVE-2012-1182.patch
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-1182 ** Changed in: samba (Ubuntu) Status: New => Invalid ** This bug is no longer flagged as a security vulnerability -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/980758 Title: new buffer overflow attack on samba 3.6.3 -> enables unauthenticated remote root access To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/980758/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
