[GLSA-200409-14] Samba: Remote printing vulnerability
Medium Nessus Plugin ID 14695
SynopsisThe remote host is missing the GLSA-200409-14 security update.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200409-14 (Samba: Remote printing vulnerability)
Due to a bug in the printer_notify_info() function, authorized users could potentially crash the Samba server by sending improperly handled print change notification requests in an invalid order. Windows XP SP2 clients can trigger this behavior by sending a FindNextPrintChangeNotify() request before previously sending a FindFirstPrintChangeNotify() request.
A remote authorized user could potentially crash a Samba server after issuing these out of sequence requests.
There is no known workaround at this time.
SolutionAll Samba users should upgrade to the latest version:
# emerge sync # emerge -pv ">=net-fs/samba-3.0.6" # emerge ">=net-fs/samba-3.0.6"