[Please upgrade if you run swat on Samba 3.x. Updated distribution packages should be available soon -- Raju]
This is an RFC 1153 digest. (1 message) ---------------------------------------------------------------------- Message-ID: <[EMAIL PROTECTED]> From: "Evgeny Demidov" <[EMAIL PROTECTED]> Sender: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [Full-Disclosure] Samba 3.x swat preauthentication buffer overflow Date: Thu, 22 Jul 2004 19:05:55 +0400 Name: Samba 3.x swat preauthentication buffer overflow Date: 22 Jule 2004 CVE candidate: CAN-2004-0600 Author: Evgeny Demidov Description: There exists a remote preauthentication buffer overflow in Samba 3.x swat administration service. All version of Samba 3.0.2-3.0.4 are vulnerable to our knowledge. Fix: Samba 3.0.5 which fixes this problem is available: http://www.samba.org/samba/whatsnew/samba-3.0.5.html History: 28 April 2004 - vulnerability has been discovered during Samba source code audit by Evgeny Demidov 29 April 2004 - vulnerability details has been made available to VulnDisco clients 14 Jule 2004 - vulnerability has been reported to Samba Team 22 Jule 2004 - public release of the advisory _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ------------------------------ End of this Digest ****************** -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves _______________________________________________ ilugd mailinglist -- [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[EMAIL PROTECTED]/
