IBM Information for VU#298233

Samba contains buffer overflow in SMB/CIFS packet fragment reassembly code

Status

Affected

Vendor Statement

The AIX Toolbox for Linux ships with Samba.

Security fixes for the issues discussed in CERT Vulnerability Note VU#298233 have been incorporated into Samba 2.2.7-4 and is available for download from:


This download also contains fixes for the issues discussed in CERT Vulnerability Note VU#267873.

Please note these items are shipped "as is" and are unwarranted.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.