Debian Information for VU#457622

Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow


Not Affected

Vendor Statement

The stable Debian GNU/Linux distribution is not affected since it doesn't contain Samba 3 packages. The unstable Debian distribution is unaffected since it has Samba 3.0.8 packaged. For the testing distribution (sarge) the packages from unstable will migrate as soon as they are built on all architectures.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.