Re: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gautier, B (Bob) wrote: -Original Message- == == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-3403 While we wait for this patch to get backported into 3.0.10 as a RHEL4 update, will setting the 'max connections' parameter on all shares work around this problem? The problem is that a 'max connections' would limit the total connections and what you really want to limit is the share connections per smbd. If could set something like max connections = 1 in [global] to set a ceiling but you will take a slight performance hit for it. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEv+NEIR7qMdg1EfYRAsa1AKDFV1dnX+HSVVM+S+RjSBV9S85otwCfRniQ ajxDm1Io1ptpGPo98ZJZ1/k= =FK96 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
-Original Message- == == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions:Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structures == maintaining state for share connections == to grow unbounded. == == === Description === The smbd daemon maintains internal data structures used track active connections to file and printer shares. In certain circumstances an attacker may be able to continually increase the memory usage of an smbd process by issuing a large number of share connection requests. This defect affects all Samba configurations. While we wait for this patch to get backported into 3.0.10 as a RHEL4 update, will setting the 'max connections' parameter on all shares work around this problem? Bob G _ This email (including any attachments to it) is confidential, legally privileged, subject to copyright and is sent for the personal attention of the intended recipient only. If you have received this email in error, please advise us immediately and delete it. You are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Although we have taken reasonable precautions to ensure no viruses are present in this email, we cannot accept responsibility for any loss or damage arising from the viruses in this email or attachments. We exclude any liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided in this email or its attachments, unless that information is subsequently confirmed in writing. If this email contains an offer, that should be considered as an invitation to treat. _ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
(Blond-moment question) I take it then, that this bug doesn't apply to version 3.0.23? - Guillermo -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gerald (Jerry) Carter Sent: Monday, July 10, 2006 1:21 PM To: [EMAIL PROTECTED] Subject: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions:Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structures == maintaining state for share connections == to grow unbounded. == == === Description === The smbd daemon maintains internal data structures used track active connections to file and printer shares. In certain circumstances an attacker may be able to continually increase the memory usage of an smbd process by issuing a large number of share connection requests. This defect affects all Samba configurations. == Patch Availability == A patch for Samba 3.0.1 - 3.0.22 has been posted at http://www.samba.org/samba/security/. Guidelines for securing Samba hosts are listed at http://www.samba.org/docs/server_security.html === Credits === This security issue discovered during an internal security audit of the Samba source code by the Samba Team. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEsraWIR7qMdg1EfYRAgGgAJwKuXUvw0lOs3fkNwR4qJ65fZMOrACgtuTS M65Y4TJbTWo46oSFuHc4LXE= =CZLB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Guillermo Gutierrez wrote: (Blond-moment question) I take it then, that this bug doesn't apply to version 3.0.23? Actually, you are the second person to ask me this. :-) I thought that since both the security and release announcement can from me, it would be obvious. But if not, the fix was listed in the commits between 3.0.23rc3 and 3.0.23 in the release notes o Volker Lendecke [EMAIL PROTECTED] . * CVE-2006-3403: Fix minor memory exhaustion DoS in smbd. So this confirms once again that no one reads the release notes. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEs7u5IR7qMdg1EfYRAjaBAKCfRYDj5LRDDeL2zAhd34a5JuaSCgCgnPEx qMoze9RYT/7A+23KWRIm4IM= =Odje -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
On Tue, 11 Jul 2006 09:54:49 -0500, Gerald (Jerry) Carter wrote So this confirms once again that no one reads the release notes. When you can generate billable hours for your clients by installing upgrades, you do... -- Tim Evans, TKEvans.com, Inc.|5 Chestnut Court [EMAIL PROTECTED] |Owings Mills, MD 21117 http://www.tkevans.com/ |443-394-3864 http://www.come-here.com/News/ | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
On Tue, 11 Jul 2006, Gerald (Jerry) Carter wrote: Guillermo Gutierrez wrote: (Blond-moment question) I take it then, that this bug doesn't apply to version 3.0.23? Actually, you are the second person to ask me this. :-) I thought that since both the security and release announcement can from me, it would be obvious. The security bug announcement did say that versions up through 3.0.22 were affected, but there are two possible explanations for the appearance of that statement: 1. At the time the security announcement was written, 3.0.23 had been released and was known not to be affected by the security problem, and therefore wasn't included in the list of versions affected. 2. At the time the security announcement was written, 3.0.23 had not been released and wasn't included in the list of versions affected because 3.0.23 did not exist. In order to figure out which, the reader has to determine whether whoever wrote the security announcement knew that 3.0.23 existed. You posted both announcements to the list, but (a) that doesn't mean you wrote both of them (release announcements are usually written by the developer, but security advisories are often written up by some security team and then reposted all over the place), and (b) that doesn't mean, even if you wrote the security advisory, that it was written after 3.0.23 was released; maybe they were both written within 10 minutes of each other because that was when you had time to send out some e-mail messages. In practice, maybe an easy way to deal with this is to include in any security advisory two lists of versions: those known to be affected and those known not to be affected. (ISC does something like this with their security matrix for BIND.) - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd
Hello, We were experiencing this problem with samba 3.0.22, after upgrading to 3.0.23 the bug was gone (at least, until now...) Guillermo Gutierrez escreveu: (Blond-moment question) I take it then, that this bug doesn't apply to version 3.0.23? - Guillermo -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gerald (Jerry) Carter Sent: Monday, July 10, 2006 1:21 PM To: [EMAIL PROTECTED] Subject: [Samba] [SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoSagainst smbd -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions:Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structures == maintaining state for share connections == to grow unbounded. == == === Description === The smbd daemon maintains internal data structures used track active connections to file and printer shares. In certain circumstances an attacker may be able to continually increase the memory usage of an smbd process by issuing a large number of share connection requests. This defect affects all Samba configurations. == Patch Availability == A patch for Samba 3.0.1 - 3.0.22 has been posted at http://www.samba.org/samba/security/. Guidelines for securing Samba hosts are listed at http://www.samba.org/docs/server_security.html === Credits === This security issue discovered during an internal security audit of the Samba source code by the Samba Team. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEsraWIR7qMdg1EfYRAgGgAJwKuXUvw0lOs3fkNwR4qJ65fZMOrACgtuTS M65Y4TJbTWo46oSFuHc4LXE= =CZLB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- ___ Atenciosamente, Daniel Felipe Martin GetNet - Tecnologia em Captura e Processamento de Transações Infra-estrutura Fone: +55 (51) 3598-9800 Fax: +55 (51) 3598-9801Ramal 2301 __ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba