| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability note CVE-2012-0817
Samba: memory leak of smbd
Synthesis of the vulnerability
| An attacker can connect several times to smbd, so it progressively uses its memory, which leads to a denial of service. |
Severity: 2/4.
Creation date: 30/01/2012.
|
Impacted products
Description of the vulnerability
When a client connects to the smbd daemon of Samba, it memorizes its name.
In order to do so, it allocates a memory area where to store the name (sub_peeraddr and sconn->client_id.name). However, this memory area is never freed.
An attacker can therefore connect several times to smbd, so it progressively uses its memory, which leads to a denial of service. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Samba: memory leak of smbd.
Keywords: Samba client_id leak memory smbd sub_peeraddr.
Identifiers: 8724, BID-51713, CERTA-2012-AVI-038, CVE-2012-0817, FEDORA-2012-1098, SUSE-SU-2012:0515-1, VIGILANCE-VUL-11324.
|
Information sources
Solutions for this vulnerability
Supplements
Computer vulnerabilities tracking service
Vigil@nce provides computers vulnerabilities announces. The Vigil@nce vulnerability database contains several thousand vulnerabilities. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The technology watch team tracks security threats targeting the computer system.
|
