IBM Information for VU#267873

Samba contains multiple buffer overflows

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The AIX Toolbox for Linux ships with Samba.

Security fixes for the issues discussed in CERT Vulnerability Note
VU#267873 have been incorporated into Samba 2.2.7-4 and is available for
download from:

     ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/
     ppc/samba/samba-2.2.7-4.aix4.3.ppc.rpm

Note that the URL given spans two lines.

This download also contains fixes for the issues discussed in CERT
Vulnerability Note VU#298233

Please note these items are shipped "as is" and are unwarranted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)

iD8DBQE+lIBlcnMXzUg7txIRApmHAKCSlysEH5U3Ibs6cInZbqBhUrabTgCfWmJp
zCwi/cRcKLx8JzXDy6JJVwo=
=/OXU
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.