MDVSA-2013:207 -- Mandriva sambaID: oval:org.secpod.oval:def:1300212 | Date: (C)2013-10-08 (M)2023-12-07 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in samba: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service via a malformed packet . The updated packages for Enterprise Server 5.2 has been patched to correct this issue. The updated packages for Business Server 1 has been upgraded to the 3.6.17 version which resolves many upstream bugs and is not vulnerable to this issue. Additionally the libtevent packages are being provided which is a requirement since samba 3.6.16.
Platform: |
Mandriva Enterprise Server 5.2 |