Samba Memory Leak Local Denial Of Service Vulnerability

Bugtraq ID:	51713
Class:	Design Error
CVE:	CVE-2012-0817
Remote:	No
Local:	Yes
Published:	Jan 30 2012 12:00AM
Updated:	Apr 16 2015 05:43PM
Credit:	Youzhong Yang and Ira Cooper
Vulnerable:	SuSE SUSE Linux Enterprise Server for VMware 11 SP2 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise Server 11 SP2 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise SDK 11 SP2 SuSE SUSE Linux Enterprise Desktop 11 SP2 + Linux kernel 2.6.5 Samba Samba 3.6.2 Samba Samba 3.6.1 Samba Samba 3.6
Not Vulnerable:	Samba Samba 3.6.3

Samba Memory Leak Local Denial Of Service Vulnerability

Samba is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to exhaust available memory, denying access to legitimate users.

The vulnerability affects Samba versions 3.6.0 through 3.6.2.

Samba Memory Leak Local Denial Of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Samba Memory Leak Local Denial Of Service Vulnerability

Solution:
Updates are available. Please see the references for more information.

Samba Memory Leak Local Denial Of Service Vulnerability

References:

• CVE-2012-0817:Memory leak/Denial of service (Samba)
  
• Samba Homepage (Samba)