[v2.7] samba: remote information leak and DoS (CVE-2014-0178 CVE-2014-0244 CVE-2014-3493)
CVE-2014-0178:
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8,
when a certain vfs shadow copy configuration is enabled, does not
properly initialize the SRV_SNAPSHOT_ARRAY response field, which
allows remote authenticated users to obtain potentially sensitive
information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA
or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-0178
•Bugtraq: http://seclists.org/bugtraq/2014/Jun/137
CVE-2014-0244:
Samba 3.6.x to 4.1.8 are affected by a denial of service attack on
unauthenticated nmbd NetBIOS name services.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-0244
CVE-2014-3493:
Samba 3.6.x to 4.1.8 are affected by a denial of service crash involving
overwriting memory on an authenticated connection to the smbd file
server.
•CONFIRM: http://www.samba.org/samba/security/CVE-2014-3493
(from redmine: issue id 3079, created on 2014-06-24, closed on 2014-06-25)
- Relations:
- parent #3076 (closed)
- Changesets:
- Revision 78b979ac by Natanael Copa on 2014-06-25T09:42:10Z:
main/samba: security upgrade to 4.1.9 (CVE-2014-0178,CVE-2014-0244,CVE-2014-3493)
fixes #3079