Bug#568942: samba: mtab corruption via malicious crafted string

Moritz Muehlenhoff Tue, 09 Feb 2010 12:39:44 -0800

Pedro R wrote:
> Package: samba
> Version: 2:3.4.5~dfsg-1
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> 
> Hi,
> 
> a security bug has been discovered in all versions of Samba up to and 
> including 3.4.5. 
> It is possible to cause mtab corruption via a specially crafted string.
> More information at
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547
> http://git.samba.org/?p=samba.git;a=commit;h=a065c177dfc8f968775593ba00dffafeebb2e054


Since 567554 is tagged pending, I suppose the setuid root bit on
mount.cifs is going to be dropped. Once done, this issue is moot.

Cheers,
        Moritz



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#568942: samba: mtab corruption via malicious crafted string

Reply via email to