samba -- multiple vulnerabilities

Description:

The Samba Team reports:

Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the "wins support" parameter has been enabled in smb.conf.

Samba developers have discovered what is believed to be a non-exploitable buffer over in nmbd during the processing of GETDC logon server requests. This code is only used when the Samba server is configured as a Primary or Backup Domain Controller.

References:

BugTraq ID 26454
CVE name CVE-2007-4572
CVE name CVE-2007-5398
URL: <http://secunia.com/advisories/27450/>
URL: <http://us1.samba.org/samba/security/CVE-2007-4572.html>
URL: <http://us1.samba.org/samba/security/CVE-2007-5398.html>

Affects:

samba <3.0.26a
samba >*,1 <3.0.26a_2,1
samba3 <3.0.26a
samba3 >*,1 <3.0.26a_2,1
ja-samba <3.0.26a
ja-samba >*,1 <3.0.26a_2,1

portaudit: samba -- multiple vulnerabilities

Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.

If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Team. Refer to "FreeBSD Security Information" for more information.

Oliver Eikemeier <eik@FreeBSD.org>