[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Vulnerability in Samba 2.2.10 and older

Subject: Re: Vulnerability in Samba 2.2.10 and older
From: Matthias Scheler <tron@NetBSD.org>
To: tech-pkg-ja@jp.NetBSD.org
Date: Wed, 1 Sep 2004 10:16:26 +0200
Message-ID: <20040901081626.GA19775@colwyn.zhadum.de>
In-Reply-To: <20040901.170204.74739690.taca@back-street.net>
References: <20040831.204459.32627944.taca@back-street.net> <20040831122941.GA8768@colwyn.zhadum.de> <20040901.000941.123923894.taca@back-street.net> <20040901.170204.74739690.taca@back-street.net>
Cc: Kimmo Suominen <kim@NetBSD.org>
Delivered-To: mailing list tech-pkg-ja@jp.netbsd.org
Mailing-List: contact tech-pkg-ja-help@jp.netbsd.org; run by ezmlm-idx
User-Agent: Mutt/1.4.2.1i

On Wed, Sep 01, 2004 at 05:02:04PM +0900, Takahiro Kambe wrote:
> > > We might even be able to remove that entry if we know for sure that
> > > this bug doesn't crash the main Samba server process.
> > I don't know in detail and I don't want to read (or understand)
> > Samba's codes.  ;-p
> This problem is caused by authenticated user only.

Ok, I've removed the entry. A client crashing its own server process
isn't a Denial Of Service attack as long as the main process is
still arround for forking more server processes.

	Kind regards

-- 
Matthias Scheler                                  http://scheler.de/~matthias/

References:
- Re: Vulnerability in Samba 2.2.10 and older
  - From: Takahiro Kambe <taca@back-street.net>
- Re: Vulnerability in Samba 2.2.10 and older
  - From: Takahiro Kambe <taca@back-street.net>

Prev by Date: Re: Vulnerability in Samba 2.2.10 and older
Next by Date: Ngraph-6.3.30
Prev by thread: Re: Vulnerability in Samba 2.2.10 and older
Next by thread: Ngraph-6.3.30
Index(es):
- Date
- Thread