Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: joshua b on March 24, 2003, 10:44:22 PM

Title: SANS advisory
Post by: joshua b on March 24, 2003, 10:44:22 PM

Any information on the Samba hole listed in the latest Sans advisory?
Specifically: Samba SMB?CIFS Packet Reassembly Buffer Overflow.
It effects versions 2.0.x to 2.2.7a.  My 5.6 Update 2 server is running 2.2.5.

What about the OpenSSL advisory, Versions 0.9.7a and 0.9.6i.  Oops, 5.6 appears to have 0.9.6b.  I guess it's not vulnerable.

Thanks,

Joshua b

Title: Re: SANS advisory
Post by: Bill Talcott on March 24, 2003, 10:51:03 PM

This one?

http://forums.contribs.org/index.php?topic=7125.msg25905#msg25905

Title: Re: SANS advisory
Post by: joshua b on March 24, 2003, 11:08:33 PM

Yes that's the one.  Thanks for the pointer.

Joshua b