rPSA-2009-0006-1 samba samba-client samba-server samba-swat

rPath Security Advisory: 2009-0006-1
Published: 2009-01-13
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Minor
Exposure Level Classification:
    Remote Non-deterministic Denial of Service
Updated Versions:
    samba=conary.rpath.com@rpl:1/3.0.33-0.1-2
    samba=conary.rpath.com@rpl:2/3.0.33-1.1-1
    samba-client=conary.rpath.com@rpl:1/3.0.33-0.1-2
    samba-client=conary.rpath.com@rpl:2/3.0.33-1.1-1
    samba-client=rap.rpath.com@rpath:linux-1/3.0.33-1-1
    samba-client=rap.rpath.com@rpath:linux-2/3.0.33-1-1
    samba-server=conary.rpath.com@rpl:1/3.0.33-0.1-2
    samba-server=conary.rpath.com@rpl:2/3.0.33-1.1-1
    samba-swat=conary.rpath.com@rpl:1/3.0.33-0.1-2
    samba-swat=conary.rpath.com@rpl:2/3.0.33-1.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2928

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=cvename.cgi?name=CVE-2008-4314

Description:
    In previous versions of the samba package, it may be possible for
    unauthenticated remote attackers to cause a denial of service in
    the smbd daemon, or to access the contents of some of the memory
    of the smbd daemon.  It is not known whether either of these
    vulnerabilities can be exploited in practice; this update fixes
    the bugs which may create these vulnerabilities.

http://wiki.rpath.com/Advisories:rPSA-2009-0006

Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html