FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- multiple vulnerabilities

Affected packages
samba36 < 3.6.24
samba4 < 4.0.19
samba41 < 4.1.9

Details

VuXML ID 6ad309d9-fb03-11e3-bebd-000c2980a9f3
Discovery 2014-06-23
Entry 2014-06-23

The samba project reports:

A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service.

Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request.

References

CVE Name CVE-2014-0244
CVE Name CVE-2014-3493
URL https://www.samba.org/samba/security/CVE-2014-0244
URL https://www.samba.org/samba/security/CVE-2014-3493