[v3.0] samba: remote information leak and DoS (CVE-2014-0178 CVE-2014-0244 CVE-2014-3493)
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
Samba 3.6.x to 4.1.8 are affected by a denial of service attack on unauthenticated nmbd NetBIOS name services.
Samba 3.6.x to 4.1.8 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server.
(from redmine: issue id 3080, created on 2014-06-24, closed on 2014-06-25)
- parent #3076 (closed)
- Revision f627bd8b by Natanael Copa on 2014-06-25T09:46:43Z:
main/samba: security upgrade to 4.1.9 (CVE-2014-0244,CVE-2014-3493) fixes #3080