You are here: silicon.com > Hardware > Servers

Servers

Samba servers vulnerable to denial-of-service attacks

Unix and Linux patch released

Printer Friendly Email Story RSS

By Robert Lemos

Published: 15 September 2004 08:50 BST

The Samba Team have released a patch to fix two flaws that could result in disruptions for networks using the widely installed Unix and Linux software.

The two relatively minor flaws could crash or make unresponsive systems running version 3 of Samba, an open-source software package that allows Windows files and printers to be shared by Unix and Linux systems.

The flaws, known as denial-of-service vulnerabilities, basically could be used to disconnect Samba servers from the network by either overrunning the computer's memory to such an extent that it cannot function or by sending a specially crafted network request that would crash the NetBIOS function.

"We have not had any reports in the wild of these" flaws being used by attackers, said Gerald Carter, a member of the Samba Team.

The Samba open-source software project has had its share of flaws since version 3.0 was published a year ago, including two vulnerabilities announced in July and another vulnerability reported in February. The current release, 3.0.7, fixes the two denial-of-service issues. The flaws do not affect versions of the software prior to 3.0.

Security information provider Secunia rated the flaws "less critical," that company's second-lowest grading of threats.

Robert Lemos writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Desktops

Servers

PDAs

Storage


Related Links

Linux preloaded: HP shows off first open source laptop

Leaked HP memo shows Microsoft plan to scupper Linux

New Samba flaw compromises Linux servers

Apple struggles to fix critical glitch

Two new WMF flaws emerge

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

silicon.com Dear silicon.com... ZX Spectrum nostalgia, Mac attack, tag a bag… Reader Comments of the Week

Steve Ranger Editor's Blog: Home computing from Acorn, Amiga and Amstrad, to the ZX Spectrum Nostalgia 2.0...

Whitehall IT to be carbon neutral by 2020

Steve Ballmer on a future in the cloud

Google: Server efficiency needs different approach

Forecasting tech blows away stormy weather

Apple: The future of home tech

EC backs tech for green future


  • Jobs
Senior C++ Programmer

As the ideal candidate you WILL need proven hard-core C++ Programming experience within the Investment Banking sector, with proven exposure to Front ...

System Administrators/ Unix/ Linux/ TCP/IP/ Scripting/ 24/7/ London

System Administrators/ Unix/ Linux/ TCP/IP/ Scripting/ DNS/ DHCP/ TCP/IP/ 24/7 Are you technology focused? Are you an experienced Linux system ...

WEB APPLICATIONS ADMINISTRATOR (SOAP, REST, JAVA, C, C++, C#, PYTHON, PERL, UNIX/LINUX)- Cambridge, South East

WEB APPLICATIONS ADMINISTRATOR (SOAP, REST, JAVA, C, C++, C#, PYTHON, PERL, UNIX/LINUX)- Cambridge, South East The EBI is currently running web ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

Law firm gets SaaSy with email security

Taylor Woodrow heads for the cloud

College classrooms go high-tech

Momentum Webcast: Assessment and Deployment Best Practices for Windows Vista (Level...

Momentum Webcast: Moving Forward With Windows Vista SP1 (Level 100)

Microsoft Office System Webcast: Tips and Tricks for Office 2008 for Mac: Incredible...

Microsoft Office System Webcast: Compatibility Tips for Office 2008 for Mac and the...

Stories from the web...


Peter Cochrane's Video Blog: For whom the bell tolls

60-Second Pitch: FMC

Peter Cochrane's Video Blog: Power outrage


The £500k hunt for missing HMRC discs

Beeb appoints new iPlayer chief

Indian outsource giants feeling the pinch

Has Barclays stamped out fraud with PINsentry?

Number of free ATMs to increase by a third




Quick Sitemap Links: