Red Hat Bugzilla – Bug 131446
CAN-2004-0829 DOS in smbd
Last modified: 2014-08-31 19:26:32 EDT
The Samba 2.2.11 release addresses the following bug:
~ o Crashes in smbd triggered by a Windows XP SP2 client sending
~ a FindNextPrintChangeNotify() request without previously
~ issuing FindFirstPrintChangeNotify().
Upstream released 2.2.11 on 2004-08-12.
Created attachment 103448 [details]
possible patch for security issue
diff -u samba-2.2.10/source/rpc_server/srv_spoolss_nt.c
samba-2.2.11/source/rpc_server/srv_spoolss_nt.c > diff-u
If samba is not upgraded to 2.2.11, then this patch should fix the security
Gentoo said: "After further verifications, it appears that a remote
user can only deny service to himself, so this bug does not induce any
security issue at all.". Removing "security" severity.
Actually closing this one.