Date: 31 January 2012
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2012.0013
A vulnerability in Samba allows memory leak and denial of service
31 January 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Samba
Operating System: UNIX variants (UNIX, Linux, OSX)
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2012-0817
Member content until: Thursday, March 1 2012
OVERVIEW
Updated versions of Samba have been released to fix a vulnerability
that allowed a memory leak and denial of service.
IMPACT
Samba has released the following information on this vulnerability:
"The Samba smbd daemon that listens for incoming connections leaks
a small amount of memory on every connection attempt. Although this
is a small leak, it happens on every connection even without successful
authentication. Thus an attacker can simply loop making connection
requests and cause the listening daemon to ever increase in size.
Eventually the server process will grow enough to either cause memory
allocations in other processes to fail, or be killed by the system
as part of its out of memory protection. Either way, denial of service
would be achieved." [1]
MITIGATION
Samba has released version 3.6.3 resolve this issue. [2]
It is expected that vendors who package samba will update their
packages shortly to incorporate this fix.
REFERENCES
[1] Samba - CVE-2012-0817
http://www.samba.org/samba/security/CVE-2012-0817
[2] Samba 3.6.3 Available for Download
http://www.samba.org/samba/history/samba-3.6.3.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBTyeA++4yVqjM2NGpAQJ9oRAAt9EoFamNJ6bO7EhnuZ84TZ9sRS2qrVZ8
VUiG5i9X1bBdAkorfilQ+Eleewm8+xLQuIWDETIH/9So14gViB6SKr/qihi0Sahv
xnnfh3A3K4XqGnYeyZQufVYiSvrWqL8Nzbpe/w52RMmKCaMbwQU8vhxU2NcAZfy+
+DWXdqpVnJDaCkdqJ9aklHgnjt5XYExkLsCbuexmeJ2zgBW+YYt5lelWqLyFdCHo
3VyZsrv6TjmguaaD/Fp1qYm/O1pP/x1Mtb+wWJVQezzxAV/lr+0DJtKEZ8h+fkHt
XtIk23sfubEKjDpyXUQ1ijWfMP160tMCMcUoCxQb/Q8GFxUm7TrUQaXRNFPAaI68
ToarRGdwHTz58dQXOSU2WXYpAfgrpEbPdRrPWn6Drnvcxaov4Oh8TnGSCJh6T0OX
USgH/zy3TVjZTuxNivbOd+fGP84vw1yHit0YBrO3ei/hN7m/Z7DMpf6QNqX5cBSC
cWdMowPJhEkgP/OX/+IXAlu27S60pPCZvs8dSz55F/UfDRDWsTE432s9FE6W++8I
am/BzIWrILOn5Ql2c8nfuOe7su1ZaoT8LwYBPSRQyo3h+UDUEe0QqSOFXj361D/b
+Sk3VxNK3Z165+pl78cWBcrB8VLcUJg1yjJhAYr1qhc5ZsYaNQ8VNMM/wqcT6Nf0
4zMhdq3hJRQ=
=NDw6
-----END PGP SIGNATURE-----
|