Vigil@nce - Samba: two vulnerabilities
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of Samba.
– Impacted products: Debian, Fedora, openSUSE, Samba, Slackware,
Ubuntu
– Severity: 2/4
– Creation date: 23/06/2014
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Samba.
An attacker can generate an infinite loop in nmbd, in order to
trigger a denial of service. [severity:2/4; CVE-2014-0244]
An attacker can access to a file with a Unicode name, in order to
trigger a denial of service of smbd. [severity:1/4; CVE-2014-3493]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Samba-two-vulnerabilities-14924