The branch, master has been updated via 7e39675 Add draft of CVE-2012-0870 annoucement. from 7a4f50b Replace no longer existing sfconservancy web host
http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 7e396756df36ae8893ad93e7df035be929308121 Author: Lars Müller <l...@samba.org> Date: Thu Feb 23 22:20:06 2012 +0100 Add draft of CVE-2012-0870 annoucement. ----------------------------------------------------------------------- Summary of changes: security/CVE-2012-0870.html | 73 +++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 73 insertions(+), 0 deletions(-) create mode 100644 security/CVE-2012-0870.html Changeset truncated at 500 lines: diff --git a/security/CVE-2012-0870.html b/security/CVE-2012-0870.html new file mode 100644 index 0000000..452eebf --- /dev/null +++ b/security/CVE-2012-0870.html @@ -0,0 +1,73 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + +<head> +<title>Samba - Security Announcement Archive</title> +</head> + +<body> + + <H2>CVE-2012-0870:</H2> + +<p> +<pre> +=========================================================== +== Subject: Remote code execution vulnerability in smbd +== +== CVE ID#: CVE-2012-0870 +== +== Versions: Samba pre-3.4.0 +== +== Summary: Ensure AndX offsets are increasing strictly monotonically + in pre-3.4 versions +== +=========================================================== + +=========== +Description +=========== + +Samba versions up to 3.4.0 do not ensure that AndX offsets of the smb daemon +(smbd) are increasing strictly monotonically. + +Therefore a remote code execution vulnerability exists in the service. +A remote attacker could use the vulnerability to launch an exploit over a +network connection + +========== +Workaround +========== + +None. + +================== +Patch Availability +================== + +A patch addressing this defect has been posted to + + http://www.samba.org/samba/security/ + +As all pre-3.4.0 versions are discontinued at least since August 9, 2011 even +for security patches, the patches are provided as an extra service to our +community, users, and verndors. + +======= +Credits +======= + +The vulnerability was discovered by Andy Davis of NGS Secure¹ and reported by +Greg Kinasewitz of Research In Motion². Patches were written by Volker +Lendecke of the Samba Team. + +========== +References +========== + +¹ http://www.ngssecure.com/research/research-overview.aspx +² http://www.blackberry.com/btsc/KB29565 + +</pre> +</body> +</html> -- Samba Website Repository