Re: SSRT3536 Potential Security Vulnerability in CIFS/9000 Server

Berlene Herren · ‎04-09-2003

CIFS Server version A.01.09.02 and prior may allow modified
SMB/CIFS messages to cause smbd to overwrite portions of its
own process address space. This could potentially be
exploited to gain root access remotely.

See
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0304-254

Although having similar descriptions, this is a
different vulnerability from that described in
HPSBUX0303-251:
SSRT3509 Potential Security Vulnerability in CIFS/9000 Server
Using the fix described in this bulletin will correct
both vulnerabilities.

Berlene

http://www.mindspring.com/~bkherren/dobes/index.htm

Stefan Pendl · ‎04-10-2003

Hi,
European users should use
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0304-254

Please include the european link in every post of links to the american/pacific ITRC.

---
Stefan

Programing is fun.

Berlene Herren · ‎04-10-2003

I think I will post the pertinent parts of the bulletin, along with the bulletin ID. That should cover it, right?

Berlene

http://www.mindspring.com/~bkherren/dobes/index.htm

Steven E. Protter · ‎04-16-2003

How do I know when I'm posting links whether or not Europe can see them or not?

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Geoff Wild · ‎04-16-2003

Any idea when the next major release of the CIFS/9000 Server will happen?

Current Source Samba is version 2.2.8a.

I would like to see HP up to 2.2.7a minimum....

Rgds...Geoff

Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: SSRT3536 Potential Security Vulnerability in CIFS/9000 Server

SSRT3536 Potential Security Vulnerability in CIFS/9000 Server