Common Vulnerabilities and Exposures assigned an identifier CVE-2008-6800 to the following vulnerability: Name: CVE-2008-6800 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6800 Assigned: 20090507 Reference: BUGTRAQ:20081030 rPSA-2008-0308-1 samba samba-client samba-server samba-swat Reference: URL: http://www.securityfocus.com/archive/1/archive/1/497941/100/0/threaded Reference: MISC: https://issues.rpath.com/browse/RPL-2766 Reference: CONFIRM: http://wiki.rpath.com/Advisories:rPSA-2008-0308 Reference: CONFIRM: http://www.samba.org/samba/history/samba-3.0.32.html Race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32 allows attackers to cause a denial of service (crash) via unspecified vectors related to an "unresponsive" child process.
Upstream commit to fix this issue is here: http://gitweb.samba.org/?p=samba.git;a=commitdiff;h=c93d42969451949566327e7fdbf29bfcee2c8319
Sorry, I have to ask, what is the point of this bugzilla ?
The Red Hat Security Team does not view this as a vulnerability. The winbindd children process run as root, and in order to exploit this race condition, not only does a local user require sufficiently elevated privileges (such as root), but must also be able to time the kill of the child process accurately, which we do not believe would be at all easy. If the user did have root privileges, it would be much easier to kill the winbindd parent process, or even take down the entire system, to accomplish a denial of service attack, than to attempt to exploit this race condition.