Bug 131446 (IT_48181) - CAN-2004-0829 DOS in smbd
Summary: CAN-2004-0829 DOS in smbd
Keywords:
Status: CLOSED ERRATA
Alias: IT_48181
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: samba
Version: 2.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jay Fenlason
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks: 123573
TreeView+ depends on / blocked
 
Reported: 2004-09-01 15:37 UTC by Josh Bressers
Modified: 2014-08-31 23:26 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-12-02 19:04:10 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
possible patch for security issue (754 bytes, patch)
2004-09-03 19:29 UTC, Martin Hunt
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2004:454 0 normal SHIPPED_LIVE Updated samba packages resolve crash 2004-09-08 04:00:00 UTC

Description Josh Bressers 2004-09-01 15:37:29 UTC
The Samba 2.2.11 release addresses the following bug:

~  o Crashes in smbd triggered by a Windows XP SP2 client sending
~    a FindNextPrintChangeNotify() request without previously
~    issuing FindFirstPrintChangeNotify().

Upstream released 2.2.11 on 2004-08-12.

Comment 1 Martin Hunt 2004-09-03 19:29:20 UTC
Created attachment 103448 [details]
possible patch for security issue

diff -u samba-2.2.10/source/rpc_server/srv_spoolss_nt.c
samba-2.2.11/source/rpc_server/srv_spoolss_nt.c > diff-u

If samba is not upgraded to 2.2.11, then this patch should fix the security
problem.

Comment 3 Mark J. Cox 2004-09-13 10:27:42 UTC
Gentoo said: "After further verifications, it appears that a remote
user can only deny service to himself, so this bug does not induce any
security issue at all.".  Removing "security" severity.

Comment 5 Jay Fenlason 2004-12-02 19:04:10 UTC
Actually closing this one. 


Note You need to log in before you can comment on or make changes to this bug.