FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- multiple vulnerabilities

Affected packages
0 < samba34
0 < samba35
3.6.* < samba36 < 3.6.22
4.0.* < samba4 < 4.0.13
4.1.* < samba41 < 4.1.3

Details

VuXML ID 613e45d1-6154-11e3-9b62-000c292e4fd8
Discovery 2012-06-12
Entry 2013-12-11

The Samba project reports:

These are security releases in order to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked) and CVE-2012-6150 (pam_winbind login without require_membership_of restrictions).

References

CVE Name CVE-2012-6150
CVE Name CVE-2013-4408
URL http://www.samba.org/samba/security/CVE-2012-6150
URL http://www.samba.org/samba/security/CVE-2013-4408