Bug 35546

Summary: samba: Buffer overflow (3.2)
Product: UCS Reporter: Moritz Muehlenhoff <jmm>
Component: Security updatesAssignee: Janek Walkenhorst <walkenhorst>
Status: CLOSED FIXED QA Contact: Arvid Requate <requate>
Severity: normal    
Priority: P5 CC: walkenhorst
Version: UCS 3.2   
Target Milestone: UCS 3.2-2-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Moritz Muehlenhoff univentionstaff 2014-08-01 14:21:56 CEST 
o  CVE-2014-3560:
   All current versions of Samba 4.x.x are vulnerable to a remote code
   execution vulnerability in the nmbd NetBIOS name services daemon.

   A malicious browser can send packets that may overwrite the heap of
   the target nmbd NetBIOS name services daemon. It may be possible to
   use this to generate a remote code execution vulnerability as the
   superuser (root).
Comment 1 Moritz Muehlenhoff univentionstaff 2014-08-01 14:24:13 CEST 
https://www.samba.org/samba/security/CVE-2014-3560
Comment 2 Janek Walkenhorst univentionstaff 2014-08-04 12:25:22 CEST 
Patch applied, Advisory: 2014-08-04-samba.yaml
Comment 3 Arvid Requate univentionstaff 2014-08-04 15:28:23 CEST 
Ok:
 * samba built in errata3.2-2 with the patch applied.
 * patch identical to upstream
 * ucs-test -s samba4 and samba-common ok
 * Advisory Ok.
Comment 4 Janek Walkenhorst univentionstaff 2014-08-04 16:22:21 CEST 
http://errata.univention.de/ucs/3.2/156.html