- Related Stories
-
Flaws drill holes in open-source repository
May 19, 2004 -
Samba steps up Linux/Windows connection
September 25, 2003 -
Samba flaw threatens Linux file servers
April 7, 2003
The two relatively minor flaws could crash or make unresponsive systems running version 3 of Samba, an open-source software package that allows Windows files and printers to be shared by Unix and Linux systems.
The flaws, known as denial-of-service vulnerabilities, basically could be used to disconnect Samba servers from the network by either overrunning the computer's memory to such an extent that it cannot function or by sending a specially crafted network request that would crash the NetBIOS function.
"We have not had any reports in the wild of these" flaws being used by attackers, said Gerald Carter, a member of the Samba Team.
The Samba open-source software project has had its share of flaws since version 3.0 was published a year ago, including two vulnerabilities announced in July and another vulnerability reported in February. The current release, 3.0.7, fixes the two denial-of-service issues. The flaws do not affect versions of the software prior to 3.0.
Security information provider Secunia rated the flaws "less critical," that company's second-lowest grading of threats.
- More from News.com on this story's topics
Security
Unix
Open source
Linux
Microsoft Windows
Hacking
Viruses and worms
See more CNET content tagged:
Samba,
SAMBA Server,
denial of service,
Linux system,
flaw
Dell Studio Laptop $799
I guess this could affect intranets where you don't trust all your internal people not to do bad things or where they might catch viruses that specifically target flaws like this.