Vulnerabilities > CVE-2007-0452 - Unspecified vulnerability in Samba

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
samba
nessus

Summary

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_F235FE7AB9CA11DBBF0F0013720B182D.NASL
    descriptionThe Samba Team reports : Internally Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id24826
    published2007-03-16
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/24826
    titleFreeBSD : samba -- potential Denial of Service bug in smbd (f235fe7a-b9ca-11db-bf0f-0013720b182d)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24826);
      script_version("1.12");
      script_cvs_date("Date: 2019/08/02 13:32:39");
    
      script_cve_id("CVE-2007-0452");
    
      script_name(english:"FreeBSD : samba -- potential Denial of Service bug in smbd (f235fe7a-b9ca-11db-bf0f-0013720b182d)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The Samba Team reports :
    
    Internally Samba's file server daemon, smbd, implements support for
    deferred file open calls in an attempt to serve client requests that
    would otherwise fail due to a share mode violation. When renaming a
    file under certain circumstances it is possible that the request is
    never removed from the deferred open queue. smbd will then become
    stuck is a loop trying to service the open request.
    
    This bug may allow an authenticated user to exhaust resources such as
    memory and CPU on the server by opening multiple CIFS sessions, each
    of which will normally spawn a new smbd process, and sending each
    connection into an infinite loop."
      );
      # http://www.samba.org/samba/security/CVE-2007-0452.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.samba.org/samba/security/CVE-2007-0452.html"
      );
      # https://vuxml.freebsd.org/freebsd/f235fe7a-b9ca-11db-bf0f-0013720b182d.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7f5963a9"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ja-samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:samba");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/02/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/03/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/03/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"samba>=3.0.6,1<3.0.24,1")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"ja-samba>=3.0.6,1<3.0.24,1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2007-0060.NASL
    descriptionUpdated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id24358
    published2007-02-17
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/24358
    titleCentOS 3 / 4 : samba (CESA-2007:0060)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1257.NASL
    descriptionSeveral remote vulnerabilities have been discovered in samba, a free implementation of the SMB/CIFS protocol, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0452 It was discovered that incorrect handling of deferred file open calls may lead to an infinite loop, which results in denial of service. - CVE-2007-0454
    last seen2020-06-01
    modified2020-06-02
    plugin id24296
    published2007-02-09
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24296
    titleDebian DSA-1257-1 : samba - several vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200702-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200702-01 (Samba: Multiple vulnerabilities) A format string vulnerability exists in the VFS module when handling AFS file systems and an infinite loop has been discovered when handling file rename operations. Impact : A user with permission to write to a shared AFS file system may be able to compromise the smbd process and execute arbitrary code with the permissions of the daemon. The infinite loop could be abused to consume excessive resources on the smbd host, denying service to legitimate users. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id24350
    published2007-02-15
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/24350
    titleGLSA-200702-01 : Samba: Multiple vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-419-1.NASL
    descriptionA flaw was discovered in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id28011
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/28011
    titleUbuntu 5.10 / 6.06 LTS / 6.10 : samba vulnerabilities (USN-419-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-219.NASL
    description - Wed Feb 7 2007 Jay Fenlason <fenlason at redhat.com> 3.0.24-1.fc5 - New upstream release - Update the -man patch to work with 3.0.24 - This release fixes CVE-2007-0452 Samba smbd denial of service - Tue Sep 26 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23c-1.fc5 - Include the newer smb.init that includes the configtest option - Upgrade to 3.0.23c, obsoleting the -samr_alias patch. - Wed Aug 9 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23b-1.fc5 - New upstream release, fixing some annoying bugs. - Mon Jul 24 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23a-1.fc5.1 - Fix the -logfiles patch to close bz#199607 Samba compiled with wrong log path. bz#199206 smb.conf has incorrect log file path - Mon Jul 24 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23a-1.fc5 - Upgrade to new upstream 3.0.23a - include upstream samr_alias patch - Wed Jul 12 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23-1.fc5 - Upgrade to 3.0.23 to close bz#197836 CVE-2006-3403 Samba denial of service - include related spec file, filter-requires-samba.sh and patch changes from rawhide. - include the fixed smb.init file from rawhide, closing bz#182560 Wrong retval for initscript when smbd is dead Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24305
    published2007-02-09
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24305
    titleFedora Core 5 : samba-3.0.24-1.fc5 (2007-219)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SAMBA-2556.NASL
    descriptionA logic error in the deferred open code can lead to an infinite loop in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id29575
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29575
    titleSuSE 10 Security Update : samba (ZYPP Patch Number 2556)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2007-0060.NASL
    descriptionFrom Red Hat Security Advisory 2007:0060 : Updated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id67446
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67446
    titleOracle Linux 3 / 4 : samba (ELSA-2007-0060)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-220.NASL
    description - Thu Nov 16 2006 Jay Fenlason <fenlason at redhat.com> 3.0.24-1.fc6 - New upstream release - Update the -man patch to work with 3.0.24 - This release fixes CVE-2007-0452 Samba smbd denial of service Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24306
    published2007-02-09
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24306
    titleFedora Core 6 : samba-3.0.24-1.fc6 (2007-220)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SAMBA-2553.NASL
    descriptionA logic error in the deferred open code can lead to an infinite loop in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id27427
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27427
    titleopenSUSE 10 Security Update : samba (samba-2553)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0061.NASL
    descriptionUpdated samba packages that fix a denial of service vulnerability are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id25314
    published2007-05-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/25314
    titleRHEL 5 : samba (RHSA-2007:0061)
  • NASL familyMisc.
    NASL idSAMBA_3_0_24.NASL
    descriptionAccording to its version number, the remote Samba server is affected by several flaws : - A denial of service issue occuring if an authenticated attacker sends a large number of CIFS session requests which will cause an infinite loop to occur in the smbd daemon, thus utilizing CPU resources and denying access to legitimate users ; - A remote format string vulnerability that could be exploited by an attacker with write access to a remote share by sending a malformed request to the remote service (this issue only affects installations sharing an AFS file system when the afsacl.so VFS module is loaded) - A remote buffer overflow vulnerability affecting the NSS lookup capability of the remote winbindd daemon
    last seen2020-06-01
    modified2020-06-02
    plugin id24685
    published2007-02-22
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24685
    titleSamba < 3.0.24 Multiple Flaws
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2007-034.NASL
    descriptionA logic error in the deferred open code for smbd may allow an authenticated user to exhaust resources such as memory and CPU on the server by opening multiple CIFS sessions, each of which will normally spawn a new smbd process, and sending each connection into an infinite loop. (CVE-2007-0452) The name of a file on the server
    last seen2020-06-01
    modified2020-06-02
    plugin id24647
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24647
    titleMandrake Linux Security Advisory : samba (MDKSA-2007:034)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0060.NASL
    descriptionUpdated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba
    last seen2020-06-01
    modified2020-06-02
    plugin id24364
    published2007-02-17
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/24364
    titleRHEL 3 / 4 : samba (RHSA-2007:0060)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2007-038-01.NASL
    descriptionNew samba packages are available for Slackware 10.0, 10.1, 10.2, and 11.0 to fix a denial-of-service security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24668
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24668
    titleSlackware 10.0 / 10.1 / 10.2 / 11.0 : samba (SSA:2007-038-01)

Oval

accepted2013-04-29T04:21:54.520-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionsmbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
familyunix
idoval:org.mitre.oval:def:9758
statusaccepted
submitted2010-07-09T03:56:16-04:00
titlesmbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
version27

Redhat

advisories
  • bugzilla
    id225513
    titleCVE-2007-0452 Samba smbd denial of service
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 4 is installed
        ovaloval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • commentsamba-client is earlier than 0:3.0.10-1.4E.11
            ovaloval:com.redhat.rhsa:tst:20070060001
          • commentsamba-client is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060591004
        • AND
          • commentsamba is earlier than 0:3.0.10-1.4E.11
            ovaloval:com.redhat.rhsa:tst:20070060003
          • commentsamba is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060591006
        • AND
          • commentsamba-swat is earlier than 0:3.0.10-1.4E.11
            ovaloval:com.redhat.rhsa:tst:20070060005
          • commentsamba-swat is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060591008
        • AND
          • commentsamba-common is earlier than 0:3.0.10-1.4E.11
            ovaloval:com.redhat.rhsa:tst:20070060007
          • commentsamba-common is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060591002
    rhsa
    idRHSA-2007:0060
    released2007-02-15
    severityModerate
    titleRHSA-2007:0060: samba security update (Moderate)
  • bugzilla
    id225519
    titleCVE-2007-0452 Samba smbd denial of service
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentsamba-client is earlier than 0:3.0.23c-2.el5.2
            ovaloval:com.redhat.rhsa:tst:20070061001
          • commentsamba-client is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070061002
        • AND
          • commentsamba-common is earlier than 0:3.0.23c-2.el5.2
            ovaloval:com.redhat.rhsa:tst:20070061003
          • commentsamba-common is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070061004
        • AND
          • commentsamba is earlier than 0:3.0.23c-2.el5.2
            ovaloval:com.redhat.rhsa:tst:20070061005
          • commentsamba is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070061006
        • AND
          • commentsamba-swat is earlier than 0:3.0.23c-2.el5.2
            ovaloval:com.redhat.rhsa:tst:20070061007
          • commentsamba-swat is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070061008
    rhsa
    idRHSA-2007:0061
    released2007-03-14
    severityModerate
    titleRHSA-2007:0061: samba security update (Moderate)
rpms
  • samba-0:3.0.10-1.4E.11
  • samba-0:3.0.9-1.3E.12
  • samba-client-0:3.0.10-1.4E.11
  • samba-client-0:3.0.9-1.3E.12
  • samba-common-0:3.0.10-1.4E.11
  • samba-common-0:3.0.9-1.3E.12
  • samba-debuginfo-0:3.0.10-1.4E.11
  • samba-debuginfo-0:3.0.9-1.3E.12
  • samba-swat-0:3.0.10-1.4E.11
  • samba-swat-0:3.0.9-1.3E.12
  • samba-0:3.0.23c-2.el5.2
  • samba-client-0:3.0.23c-2.el5.2
  • samba-common-0:3.0.23c-2.el5.2
  • samba-debuginfo-0:3.0.23c-2.el5.2
  • samba-swat-0:3.0.23c-2.el5.2

Seebug

bulletinFamilyexploit
descriptionSamba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 Samba的延迟文件打开机制的实现上存在漏洞,远程攻击者可能利用此漏洞对服务器执行拒绝服务攻击。 Samba的文件服务守护程序smbd支持延迟文件打开调用。在某些环境下重新命名文件时可能没有从延迟的打开队列删除请求,这样smbd就会陷入试图处理打开请求服务的死循环。如果已认证用户打开了多个CIFS会话的话,每个会话都会生成新的smbd进程,每个连接都会陷入死循环,这样就会导致在服务器上耗尽内存和CPU资源。 Samba 3.0.6 - 3.0.23d 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1257-1)以及相应补丁: DSA-1257-1:New samba packages fix several vulnerabilities 链接:<a href="http://www.debian.org/security/2007/dsa-1257" target="_blank">http://www.debian.org/security/2007/dsa-1257</a> 补丁下载: Source archives: <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4.dsc" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4.dsc</a> Size/MD5 checksum: 1081 e31451e53dc1183440dd1c01f1f4d8bd <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4.diff.gz" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4.diff.gz</a> Size/MD5 checksum: 115542 122eb7e1092f1664e0988a172dde49ba <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a.orig.tar.gz" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a.orig.tar.gz</a> Size/MD5 checksum: 15605851 ebee37e66a8b5f6fd328967dc09088e8 Architecture independent components: <a href="http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.0.14a-3sarge4_all.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.0.14a-3sarge4_all.deb</a> Size/MD5 checksum: 12117006 428b452562de4a6d2795884c74174bba Alpha architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 401226 ed1513a6d5dd3a208cf9e84e824576a1 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 659264 5437692a3433b5da9d6f7cca0ae31310 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 1014026 c89075de31bd0c5b369c1f1991faeab4 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 5231866 0ce699ad269ed26e0996326d1a60fdc6 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 3126076 3e9ff19d65e609ae9e318f97ffb3af1a <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 2406170 cdd82ccac3caad5faf3870c02ffe64e3 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 20261304 137818bb48718533dd7d253ee8b8a4d2 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 3247978 ee1cb7cd162e40784214c435a1e63a89 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 458542 16e0d4c7545dcafaf3c0e1d80e36e00e <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 4222536 9921fbf27e8bb38c7d2e38b7f23ee3b4 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_alpha.deb</a> Size/MD5 checksum: 1822012 14bf0809e5c6405f54ba731c746b9c44 AMD64 architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 380778 0378f51516ff104a740f1a6644d0f9ea <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 599290 58a5cd47d9aec39479c7c62d30cf4932 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 795124 20560796c1a287ac736268caa8a0b0e0 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 5197736 c409c5d3c8b275a1536a32b24d664aa7 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 2806656 e305394ee72239cb6443a8a226a92ac5 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 2192500 a77b9ad2c6ab8ec9d22591790e8acf51 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 6480858 46b78f9ea914f53c4886d50b52fc7bd9 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 2865002 eb2a8a1c350b626f7b7bfb6649c404c8 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 410126 b477bb9f6b1dd09946f52aec4fee5ad1 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 4122044 563961794778dfbc28ebebaa35246e66 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_amd64.deb</a> Size/MD5 checksum: 1649816 f89fe53052cc2ac48a257ccb2bd730c0 ARM architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 340974 b70bba74799a2d21c5c09ea212aa2993 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 544332 eb0976cd484f2142ae83c1fd58691f26 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 822300 d4d4861f9d172ce7ce0f6aaff14ffb18 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 4644696 d0ea3ef433c97a575b83dec2dc78001a <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 2556438 636cf0924bffa5d81bfd905e845c2f08 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 2008618 ee6a0daeca1b4b9a167f64c8a784fb73 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 6654330 00b027d23e3c0c5c9320a82c96a4301b <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 2595574 cef0eed3fe5f611faf5561c004b9ec91 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 375492 5103b1b22eefb9b09cc2801cb97f8b2d <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 4063646 ac89ce6ec4a02db7b89cfd2c6551f53c <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_arm.deb</a> Size/MD5 checksum: 1482292 953bd5aa649fd1c23109649ca4e64173 HP Precision architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 403440 691603900e6cab414dccb516afeeebc1 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 643320 5329c5914085e9cec652629d270ca835 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 893964 b11f75762493ff460d37a808e2b2cf1c <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 5548728 d0a3f7231ea5d2b9fa257188d6b84d46 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 2862788 6a689a7ef4e19a15dee9b9cd9ac5fafe <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 2213182 d05600d0ce064b2d625d574f5c8d982a <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 6460708 60c9e3b18f95037a946f6007e284b1b6 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 2913120 1076d43282a731e0e2f99945d84700e2 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 416396 8e554e8ccd786e79a570b1bbac043080 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 4134054 97d30ae09c589a860f0ff9868089558e <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_hppa.deb</a> Size/MD5 checksum: 1689382 e4a5a4a936131f6b5ad0196653269f01 Intel IA-32 architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 347608 c1cff601820cae3af4f9ecb3decca718 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 550154 31131b0fa8f2d3dc62a2bc003927aec8 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 740546 3232f4931d7f1be55c609c5712f08b90 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 4752760 91d232207c14b3907370de4d3abae3c2 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 2522706 201d6bdc9954a6cbfe6e46244201ba3d <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 1988408 1ca854f5c54f2c2980ad54b2ec92025d <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 6640724 568c12f5f79179352f4457ac3dab1f7d <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 2535976 2c8b864145af6ef09e5357e19590cecb <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 371120 4874ebfc6749e3a20fa362f929a14d84 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 4053316 93a68f15d73d70d49531e3f038f0064a <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_i386.deb</a> Size/MD5 checksum: 1463906 39d8fd5aa5bfa5aab5aab7db8ce97b5d Intel IA-64 architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 472432 aac440872855901224e388ee45dac72e <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 753934 85c019e8227e2931fd729cb62ac50665 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 1034652 c74b21cd97c05b681aca5d08ec8f8aa0 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 6619408 9a2094c8e986950267bf9074aabb0ae1 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 3813628 506e543e9589590bbd18c348e8aa0180 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 2850440 7178b97aae577ed351785a28f48b3e70 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 674122 c2099d20755db4cabd86d2deab150a68 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 3920854 14185f467acf17968637c819bdf02210 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 547152 eef85bdc65848becc46428a862241d14 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 4361464 69df8256e4a6f32cc51e99b7e71cad39 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_ia64.deb</a> Size/MD5 checksum: 2210714 26a6d7bbcde9b6d94f37e53a93f43e17 Motorola 680x0 architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 329520 5c26f2c67be4fdf02ac4cc4a90dd7719 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 520354 7227fbce4ac60790736a4bf0e0363433 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 656118 b605c2a1594bc2548b797490347c5bb2 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 4545606 deb44f02dadf80fcd9ea9a1266014113 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 2220610 8dc5db63f11c8ae1f20b1337e77ee396 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 1780882 dd9d020034d4b9ceac0bb2587418a8c6 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 6327942 d057347dd45bf6493dadc4c406d328c2 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 2232724 ab8038a05eb36ea800d8e98ddf365825 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 334590 a79b1722ed2fab3f9eba7669460b91f6 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 3972970 6b373a2c3825957f6525d15a6ba05439 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_m68k.deb</a> Size/MD5 checksum: 1313454 d66388983a130ec1d9991b501763ea56 Big endian MIPS architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 356160 7484de7a8284ab6ddae47e724ae6a7ef <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 555498 08325cd44084335c733f9c0bde02ed29 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 820722 881f8071b36312ed45bb948a3c72ad71 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 4665362 86a8b6c3125e7e29f3ff7a3640963d90 <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 2775198 add7d625463c96ccb0f1b17e44d7bca6 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 2155060 fbc5686e4c623cf23c18258feaa88c4b <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 6759830 0b3a11a201ae83355b023d2ba22865f2 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 2821434 3c65aee1a03207c4da9e4d40e6b7e263 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 411852 324a48ccfcda0afccfb984e4d7d4400e <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 4104204 1e8841164dcf2ac6f3a3fa41765f04e4 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_mips.deb</a> Size/MD5 checksum: 1603728 c41db51a3c9a8956f732433ea863ff06 Little endian MIPS architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 355038 05f0538f36a166df80edccd2e93271aa <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 553240 c0e4c6f349fd2c5823ce881929709927 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 812406 ce897754afd819ffdfa9708101432083 <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 4650708 d00c4533ce9ace8496487130b576c1ed <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 2776248 a2ab4b8f8791559c9bddec150768a3d1 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 2151968 5b191ff77d2efd41f3beac75cecd46d5 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 6573742 ad800c87bf87a70e393c1b52a9de187e <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 2816574 94a2650bd6cec6017328255a6df4dc99 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 410616 c00e6fdfb03f37a269e8151ce4572675 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 4102650 7e5582f238d7bbf7bf8e6eecad3b91ed <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_mipsel.deb</a> Size/MD5 checksum: 1601364 f4d11e09cd8bff88d9e758f042d693e3 PowerPC architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 367782 c1166ddce4f4f2ba32b673365e468848 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 590926 9dedaaa1ac5ddb8522a173bec7323fc8 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 736584 b0e18455cdf3fffcf91b9d780432865f <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 5009404 8cddf499eb4827333943e2ed8434a81e <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 2771992 88f9ddbe66b31c8806d92bf6db32f118 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 2153756 b3b6fb9aaeaa21ddfd0cc218eef4f2c6 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 6855234 6c13b994999d952c0d314ddb82603cb7 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 2824232 34eba62b6c4d48bdc085365c2cf67024 <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 406282 1b59265f16d0f5e55d2752fc8c56438a <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 4112216 328a45403859379597177fe49211453a <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_powerpc.deb</a> Size/MD5 checksum: 1612316 9466fef0279933554d2e94a8a23428cb IBM S/390 architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 385558 9f020f95c1e598c42fabdb9f08216dec <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 603630 aa06ffa728ca348574e82abb70e6e644 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 796258 bcb70fc7b4bd9307d5ba53e635e2e29a <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 5282646 b1738dc01a023d62a08291db2b5e010e <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 2723342 77fa5179bba1cd7275291dd4906ac90a <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 2122412 316a93147dab42dcfeefe69b524993b7 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 6831846 21177adfb613f01d997a99b7cd9b524d <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 2773144 aff4d52d118fe59fcd1302c38bf91e8a <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 404192 62175fb579eabb6c2d37efa26b7be76e <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 4091974 64f9851fdd14be08220445d44121c185 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_s390.deb</a> Size/MD5 checksum: 1613030 b6ad9509a1af7621a0cf7b775b89f763 Sun Sparc architecture: <a href="http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 355466 e8aa06b90abceddce818839f6d2def17 <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 560884 f2f8ebfea16880ef9f1ddeab3e867c6a <a href="http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 795240 d5d428d728ce78ab9688febd670e1d1b <a href="http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 4861930 24d262774c8fde4d1287311b5492c0cb <a href="http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 2520686 f138f0b15a7c6c9317bdcf205eac4140 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 1977974 cff11e6d984d96b08323542033f65893 <a href="http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 6344260 45888fe47ec5a613a491f63707392ed6 <a href="http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 2539818 146dfe8c85cf825664393e40eef4a58d <a href="http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 371444 ec8c1179fe00fe47babce07744a6a296 <a href="http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 4049508 e2c949808a6634702dd8ff7bbaf727c2 <a href="http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge4_sparc.deb</a> Size/MD5 checksum: 1476048 fb4619e500d82ab10a5e8e24cc44cefb 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade Samba ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href="http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0452.patch" target="_blank">http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0452.patch</a>
idSSV:1372
last seen2017-11-19
modified2007-02-07
published2007-02-07
reporterRoot
titleSamba延迟CIFS文件打开拒绝服务漏洞

References