Bug 200588 - CVE-2006-3403 Samba Internal Data Structures Denial of Service
Summary: CVE-2006-3403 Samba Internal Data Structures Denial of Service
Status: CLOSED WONTFIX
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: samba   
(Show other bugs)
Version: fc3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL: https://issues.rpath.com/browse/RPL-496
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-07-28 20:22 UTC by John Dalbec
Modified: 2007-04-18 17:46 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-04-03 05:09:12 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description John Dalbec 2006-07-28 20:22:16 UTC
06.28.24 CVE: CVE-2006-3403
Platform: Cross Platform
Title: Samba Internal Data Structures Denial of Service
Description: Samba is freely available file and printer sharing
software. It is exposed to a denial of service issue due to design of
internal data structures. The problem occurs when a large number of
share connection requests are sent by an attacker. This can result in
excessive memory consumption and an eventual crash of the application.
Samba versions 3.0.1 through 3.0.22 are affected.
Ref: https://issues.rpath.com/browse/RPL-496

Comment 1 David Eisenstein 2007-04-03 05:09:12 UTC
This bug should be closed, as this bug was for Fedora Core 3, which is no longer
supported:  Fedora Legacy is a closed project.   This CVE-2006-3403 was fixed
both in FC4 and FC5, and should not have been an issue in FC6's Samba, since
FC6 was released in October of 2006.  This bug was also fixed in RHEL (see 
Bug #197836).

FC5:  
http://www.redhat.com/archives/fedora-package-announce/2006-July/msg00051.html
FC4:
http://www.redhat.com/archives/fedora-package-announce/2006-July/msg00052.html

Closing.



Note You need to log in before you can comment on or make changes to this bug.