CVE-2007-5904 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5904
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5904

Description: Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/38450 UBUNTU http://www.ubuntu.com/usn/usn-618-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html http://www.novell.com/linux/security/advisories/2007_63_kernel.html http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html ST 1019612 SAID Secunia Advisory: SA29570 Secunia Advisory: SA29387 Secunia Advisory: SA29245 Secunia Advisory: SA28643 Secunia Advisory: SA28826 Secunia Advisory: SA27888 Secunia Advisory: SA27912 Secunia Advisory: SA27666 Secunia Advisory: SA30769 Secunia Advisory: SA30818 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0089.html http://www.redhat.com/support/errata/RHSA-2008-0167.html MLIST http://marc.info/?l=linux-kernel&m=119457447724276&w=2 http://marc.info/?l=linux-kernel&m=119455843205403&w=2 DEBIAN http://www.debian.org/security/2007/dsa-1428 CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048 http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/487808/100/0/threaded BID 26438

Return to the previous page.