USN-314-1: samba vulnerability

Publication date

13 July 2006

Overview

samba vulnerability


Details

The Samba security team reported a Denial of Service vulnerability in
the handling of information about active connections. In certain
circumstances an attacker could continually increase the memory usage
of the smbd process by issuing a large number of share connection
requests. By draining all available memory, this could be exploited to
render the remote Samba server unusable.

The Samba security team reported a Denial of Service vulnerability in
the handling of information about active connections. In certain
circumstances an attacker could continually increase the memory usage
of the smbd process by issuing a large number of share connection
requests. By draining all available memory, this could be exploited to
render the remote Samba server unusable.

Update instructions

In general, a standard system upgrade is sufficient to effect the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
6.06 dapper samba –  3.0.22-1ubuntu3.1
5.10 breezy samba –  3.0.14a-6ubuntu1.1
5.04 hoary samba –  3.0.10-1ubuntu3.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.


Have additional questions?

Talk to a member of the team ›