FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-0719

This CVE name corresponds to:

Entered Topic
2011-06-21 Samba -- Denial of service - memory corruption

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-0719 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-0719
Phase Assigned(20110131)

Description

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.

References

Source Reference
CONFIRM http://samba.org/samba/security/CVE-2011-0719.html
CONFIRM http://www.samba.org/samba/history/samba-3.3.15.html
CONFIRM http://www.samba.org/samba/history/samba-3.4.12.html
CONFIRM http://www.samba.org/samba/history/samba-3.5.7.html
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=678328
CONFIRM http://support.apple.com/kb/HT4723
APPLE APPLE-SA-2011-06-23-1
DEBIAN DSA-2175
FEDORA FEDORA-2011-3118
FEDORA FEDORA-2011-3120
HP HPSBUX02657
HP SSRT100460
MANDRIVA MDVSA-2011:038
REDHAT RHSA-2011:0305
REDHAT RHSA-2011:0306
SLACKWARE SSA:2011-059-01
UBUNTU USN-1075-1
BID 46597
SECTRACK 1025132
SECUNIA 43512
SECUNIA 43482
SECUNIA 43503
SECUNIA 43517
SECUNIA 43556
SECUNIA 43557
SECUNIA 43843
VUPEN ADV-2011-0517
VUPEN ADV-2011-0518
VUPEN ADV-2011-0519
VUPEN ADV-2011-0520
VUPEN ADV-2011-0522
VUPEN ADV-2011-0541
VUPEN ADV-2011-0702
XF samba-fdset-dos(65724)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.