Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Use

from [Jérôme] Network Security [Permanent Link]
Subject: Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Users Crash smbd
Date: 31 Aug 2004 20:33:28 -0000 


Date:  Mon, 30 Aug 2004 23:42:49 -0400
Subject:  http://samba.org/samba/history/samba-2.2.11.html
 
The Samba 2.2.11 release addresses the following bug:
 
  o Crashes in smbd triggered by a Windows XP SP2 client sending
    a FindNextPrintChangeNotify() request without previously
    issuing FindFirstPrintChangeNotify().


Impact:  Denial of service via network
 
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes   
 
Version(s): prior to 3.0.6, prior to 2.2.11 
 
Description:  A vulnerability was reported in Samba. A remote authenticated 
user can cause smbd to crash. 

The vendor reported that a remote authenticated user can send a 
FindNextPrintChangeNotify() request without having previously sent a 
corresponding FindFirstPrintChangeNotify() requeste to cause smbd to crash.

This behavior can be triggered by a Windows XP SP2 client.

The flaw resides in printer_notify_info() in 'rpc_server/srv_spoolss_nt.c'.

Craig Huegen reported this flaw to the vendor. 
 
Impact:  A remote authenticated user can cause smbd to crash.
 
Solution:  The vendor has released a fixed version (3.0.6 and 2.2.11), 
available at:

http://samba.org/samba/download/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Users Crash smbd, Jérôme <=
Previous by Date:  Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Jérôme
Next by Date:  Multiple Vulnerabilities in phpScheduleIt, Joxean Koret
Previous by Thread:  Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Jérôme
Next by Thread:  Multiple Vulnerabilities in phpScheduleIt, Joxean Koret
Indexes:  [Date] [Thread] [Top] [All Lists]