.:[ packet storm ]:.
                         
education is not a crime
education is not a crime

 ///  File Name:MDVSA-2010-141.txt
Description:
Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues.
Author:Mandriva
Homepage:http://www.mandriva.com/security/
File Size:5981
Related CVE(s):CVE-2010-1635, CVE-2010-1642
Last Modified:Jul 27 21:20:06 2010
MD5 Checksum:61476c47e396c1762c6244eb9488a6f5

 .:. Back
 

 ///  Last 10 Files
  1. :· OIG_10-111_Aug10.pdf
  2. :· USN-978-1.txt
  3. :· USN-975-1.txt
  4. :· USN-985-1.txt
  5. :· ESA-2010-016.txt
  6. :· ESA-2010-015.txt
  7. :· ESA-2010-014.txt
  8. :· dsa-2106-1.txt
  9. :· fbsdpseudofs-nullpointer.txt
  10. :· cisco-sa-20100908-wlc.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· USN-978-1.txt
  2. :· USN-975-1.txt
  3. :· USN-985-1.txt
  4. :· ESA-2010-016.txt
  5. :· ESA-2010-015.txt
  6. :· ESA-2010-014.txt
  7. :· dsa-2106-1.txt
  8. :· fbsdpseudofs-nullpointer.txt
  9. :· cisco-sa-20100908-wlc.txt
  10. :· HPSBMA02574-SSRT100038.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· moaub-msoffice.txt
  2. :· moaub-sirang.txt
  3. :· adobe_cooltype_sing.rb.txt
  4. :· java_rmi_connection_impl.rb.txt
  5. :· fbsdpmap-racecondition.txt
  6. :· ZSL-2010-4963.txt
  7. :· zenphoto-sqlxss.txt
  8. :· openjournalsystem-xss.txt
  9. :· fcms-sql.txt
  10. :· enanocms-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· DnsSpoofer.zip
  2. :· netrecon-1.78.tgz
  3. :· iexploder-1.7.tgz
  4. :· openca-tools-1.3.0.tar.gz
  5. :· malware_check_tool-1.2.zip
  6. :· hyenae-0.35-2.tar.gz
  7. :· joomlascan.tgz
  8. :· openscap-0.6.2.tar.gz
  9. :· suricata-1.0.2.tar.gz
  10. :· cvechecker-0.5.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· OIG_10-111_Aug10.pdf
  2. :· ieee-1394-forensics.pdf
  3. :· itsecteam_shell.zip
  4. :· encfs-1.7.2.tgz
  5. :· pbania-jit-mitigations2010.pdf
  6. :· pam_shield-0.9.4.tar.gz
  7. :· armbinsh-shellcode.txt
  8. :· path-attacks.txt
  9. :· checksum-shellcode.txt
  10. :· nullconGoa2011-CFP.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice