Vulnerability in Samba

Samba could allow an attacker to cause a denial of service.

A vulnerability has been announced in Samba that could allow an attacker to cause a denial of service.

Samba is a free implementation of Microsoft's file sharing protocol for UNIX systems, so that machines running GNU/Linux, MacOS or Unix in general can be part of a Windows network of shared directories.
Youzhong Yang and Ira Cooper discovered a serious vulnerability caused by a bug in the smbd daemon: it does not free memory when handling connection requests, even when they are unsuccessful due to bad authentication. The serious thing is that an attacker on the local network could exploit this vulnerability to exhaust memory and increase the system's CPU usage, causing a denial of service by sending a large number of connection requests, in the purest style of Anonymous.
The vulnerability, identified as CVE-2012-0817, affects Samba versions 3.6.0 to 3.6.2, so it is very important to download version 3.6.3, as well as the patches for the other versions that correct the vulnerability explained above: http://www.samba.org/samba/security/
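A version check against the range given above, as an added example (not from the original post or the Samba project). The function name is hypothetical and the version strings in the comments are constructed samples.

```shell
#!/bin/sh
# Added example: classify a Samba version string against the range this
# article gives for CVE-2012-0817 (3.6.0 through 3.6.2).

# samba_cve_2012_0817_status VERSION_STRING   (hypothetical helper name)
# Prints one of: affected, not-affected, unknown.
samba_cve_2012_0817_status() {
    # Keep only the leading MAJOR.MINOR.PATCH. This drops a "Version "
    # prefix and any packaging suffix, e.g. "3.6.1-4.el6" (constructed).
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    if [ -z "$ver" ]; then
        # No three-part version found: do not guess.
        echo unknown
        return 0
    fi
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    # Affected range per the article: 3.6.0, 3.6.1 and 3.6.2.
    if [ "$major" -eq 3 ] && [ "$minor" -eq 6 ] && [ "$patch" -le 2 ]; then
        echo affected
    else
        echo not-affected
    fi
}

# Check the locally installed daemon, if there is one on this host.
if command -v smbd >/dev/null 2>&1; then
    installed=$(smbd -V 2>/dev/null)
    echo "smbd reports: $installed -> $(samba_cve_2012_0817_status "$installed")"
fi
```

Distribution packages can carry a backported fix without changing the upstream version number, so an "affected" result is a prompt to check the vendor's advisory for that package, not a final verdict.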

Further information:
CVE-2012-0817 - Memory leak / Denial of Service: http://www.samba.org/samba/security/CVE-2012-0817
Samba 3.6.3 Available for Download


  1.   proper said

    Thanks for the information.

    1.    Blazek said

      Good information. Anyway, from what I have read it is only dangerous at the local network level. New users are not going to be alarmed, Linux is still very safe. Besides they will have already corrected it.