On Wed, Dec 12, 2007 at 04:31:47PM +0100, Carlos E. R. wrote:
The Wednesday 2007-12-12 at 09:53 +0100, Thomas Biege wrote:
SUSE Security Announcement
Package: samba Announcement ID: SUSE-SA:2007:068 Date: Wed, 12 Dec 2007 09:00:00 +0000 Affected Products: SUSE LINUX 10.0 SUSE LINUX 10.1 openSUSE 10.2 openSUSE 10.3
...
1) Problem Description and Brief Discussion
The Samba suite is an open-source implementatin of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.
This bug can only be triggered if option "domain logon" is enabled.
Does this one solve the core dump and crash problem caused by the previous update?
It should. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org