Sunday, November 14, 2010

Samba: Critical Security Update

Users of Samba, please be advised that a critical security update is available; it fixes an arbitrary code execution vulnerability that has been identified.

To view this vulnerability, possible remedies, and others, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
RHSA-2010:0860-02: [RHSA-2010:0860-02] Critical: samba security update
Product: Red Hat Enterprise Linux
Description:

Samba is a suite of programs used by machines to share files, printers, and other information.

A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially-crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069)

Users of Samba are advised to upgrade to these updated packages, which correct this issue. After installing this update, the smb service will be restarted automatically.
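To illustrate the kind of array boundary check the advisory describes, here is an added example (not part of the advisory and not Samba's code) of a binary SID parser that validates the client-supplied sub-authority count before filling a fixed-size array. The function name `sid_parse_checked`, the struct and the sample buffers are hypothetical and constructed for this sketch; the layout follows the standard Windows binary SID format (1-byte revision, 1-byte count, 6-byte authority, up to 15 little-endian 32-bit sub-authorities).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SID_MAX_SUB_AUTHS 15  /* limit in the Windows binary SID format */

struct sid {
    uint8_t  revision;
    uint8_t  num_auths;
    uint8_t  id_auth[6];
    uint32_t sub_auths[SID_MAX_SUB_AUTHS];
};

/* Constructed samples: S-1-5-32-544, and a SID claiming 16 sub-authorities. */
static const uint8_t SAMPLE_OK[] = {1, 2, 0,0,0,0,0,5, 0x20,0,0,0, 0x20,0x02,0,0};
static const uint8_t SAMPLE_OVER[8 + 16 * 4] = {1, 16, 0,0,0,0,0,5};

/* Hypothetical hardened parser; returns 0 on success, -1 on malformed input. */
int sid_parse_checked(const uint8_t *in, size_t len, struct sid *out)
{
    if (in == NULL || out == NULL || len < 8)
        return -1;                      /* fixed header is 8 bytes */
    uint8_t count = in[1];              /* client-controlled */
    if (count > SID_MAX_SUB_AUTHS)
        return -1;                      /* the array boundary check */
    if (len < 8 + (size_t)count * 4)
        return -1;                      /* claimed data must be present */

    memset(out, 0, sizeof(*out));
    out->revision  = in[0];
    out->num_auths = count;
    memcpy(out->id_auth, in + 2, 6);    /* big-endian authority */
    for (uint8_t i = 0; i < count; i++) {
        const uint8_t *p = in + 8 + (size_t)i * 4;   /* little-endian */
        out->sub_auths[i] = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                            ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    }
    return 0;
}

int main(void)
{
    struct sid s;
    printf("valid SID:     %d\n", sid_parse_checked(SAMPLE_OK, sizeof SAMPLE_OK, &s));
    printf("16 sub-auths:  %d\n", sid_parse_checked(SAMPLE_OVER, sizeof SAMPLE_OVER, &s));
    printf("truncated SID: %d\n", sid_parse_checked(SAMPLE_OK, 12, &s));
    return 0;
}
```

Without the `count > SID_MAX_SUB_AUTHS` test, the copy loop would trust the count byte from the request and write past the end of `sub_auths[]`.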

