PT-2011-1097 · Cifs Utils+3 · Cifs-Utils+3
Published 2011-04-10 · Updated 2017-08-17 · CVE-2011-1678
CVSS v2.0: 6.8 (Medium)
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
samba versions prior to 3.5.15
samba-3.5.6
samba-winbind-devel-3.5.6
samba-winbind-clients-3.5.6
samba-common-3.5.6
samba-domainjoin-gui-3.5.6
cifs-utils-4.8.1
samba-debuginfo-3.5.6
samba-doc-3.5.6
samba-client-3.5.6
libsmbclient-devel-3.5.6
samba-winbind-3.5.6
samba-winbind-krb5-locator-3.5.6
samba-swat-3.5.6
libsmbclient-3.5.6
cifs-utils-debuginfo-4.8.1
Description
The issue affects the samba package on various Linux distributions, including Red Hat Enterprise Linux and Gentoo Linux. Multiple vulnerabilities have been identified that can be exploited remotely to compromise the confidentiality, integrity and availability of protected information and to disrupt the normal functioning of the system. The underlying problem is the handling of resource limits: when mount.cifs or umount.cifs runs with a small RLIMIT_FSIZE value, its write to /etc/mtab can be cut short, leaving that system file corrupted.
Recommendations
For samba versions prior to 3.5.15, update to version 3.5.15 or later.
For samba-3.5.6 and related packages, update to a version that is not affected by the vulnerabilities.
As a temporary workaround, consider restricting access to the vulnerable samba packages until a patch is available.
Avoid using the mount.cifs and umount.cifs commands with small RLIMIT_FSIZE values to prevent corruption of the /etc/mtab file.
Restrict access to the /etc/mtab and /etc/mtab.tmp files to minimize the risk of exploitation.
Fix
RCE
Infinite Loop
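Added example, in C, of the mitigation the mount.cifs/umount.cifs recommendation points at: check and raise RLIMIT_FSIZE before appending an entry to an mtab-style file, refuse the write if the limit cannot hold it, and verify the byte count, next to a constructed demonstration of the truncation a small limit causes. This is not cifs-utils or Samba code; the function names, the sample entry and the temp-file path are assumptions.

```c
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical hardened append for an mtab-style file (not cifs-utils code): raise the
 * soft RLIMIT_FSIZE to the hard limit, refuse to write if the limit still cannot hold the
 * whole entry, make an over-limit write fail with EFBIG instead of a fatal SIGXFSZ, and
 * verify the byte count. Returns 0 on success, -1 if the entry was not written in full. */
int append_mtab_entry(const char *path, const char *entry)
{
    struct rlimit rl; struct stat st; char line[4096];
    int n = snprintf(line, sizeof line, "%s\n", entry);
    if (n < 0 || (size_t)n >= sizeof line) return -1;
    if (getrlimit(RLIMIT_FSIZE, &rl) != 0 || stat(path, &st) != 0) return -1;
    if (rl.rlim_cur != rl.rlim_max) {      /* a setuid-root tool could use RLIM_INFINITY */
        rl.rlim_cur = rl.rlim_max;
        if (setrlimit(RLIMIT_FSIZE, &rl) != 0) return -1;
    }
    if (rl.rlim_cur != RLIM_INFINITY && (rlim_t)st.st_size + (rlim_t)n > rl.rlim_cur)
        return -1;                         /* the write would be cut short: never start it */
    signal(SIGXFSZ, SIG_IGN);
    int fd = open(path, O_WRONLY | O_APPEND); if (fd < 0) return -1;
    ssize_t w = write(fd, line, (size_t)n); /* O_APPEND: the whole line in one write */
    return (close(fd) == 0 && w == n) ? 0 : -1;
}

/* Constructed demo on a temp file: under a 16-byte soft RLIMIT_FSIZE the plain append of
 * the vulnerable pattern leaves a cut-off entry, while append_mtab_entry() raises the
 * limit back and writes the entry whole. Returns 1 when both observations hold. */
int demo(void)
{
    const char *entry = "//server/share /mnt/share cifs rw 0 0"; /* constructed sample */
    char path[] = "/tmp/mtab-demo-XXXXXX";
    struct rlimit saved, tiny; struct stat st;
    int fd = mkstemp(path); if (fd < 0 || getrlimit(RLIMIT_FSIZE, &saved) != 0) return 0;
    close(fd); tiny = saved; tiny.rlim_cur = 16;
    signal(SIGXFSZ, SIG_IGN);              /* otherwise the over-limit write is fatal */
    if (setrlimit(RLIMIT_FSIZE, &tiny) != 0) return 0;
    FILE *f = fopen(path, "a");            /* naive direct append, no limit check */
    fwrite(entry, 1, strlen(entry), f); fputc('\n', f); fclose(f);
    off_t naive = stat(path, &st) == 0 ? st.st_size : -1;
    int rc = truncate(path, 0) == 0 ? append_mtab_entry(path, entry) : -1;
    off_t full = stat(path, &st) == 0 ? st.st_size : -1;
    setrlimit(RLIMIT_FSIZE, &saved); unlink(path);
    return naive == 16 && rc == 0 && full == (off_t)strlen(entry) + 1;
}
```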
Related Identifiers
Affected Products
Gentoo Linux
Red Hat
Samba
Cifs-Utils