Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3297 Ronald Volgers discovered that a race condition in mount.cifs allows local users to mount remote filesystems over arbitrary mount points. CVE-2010-0547 Jeff Layton discovered that missing input sanitising in mount.cifs allows denial of service by corrupting /etc/mtab. For the stable distribution (lenny), these problems have been fixed in version 2:3.2.5-4lenny9. For the unstable distribution (sid), these problems have been fixed in version 2:3.4.5~dfsg-2. We recommend that you upgrade your samba packages.
Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems:
Ronald Volgers discovered that a race condition in mount.cifs allows local users to mount remote filesystems over arbitrary mount points.
Jeff Layton discovered that missing input sanitising in mount.cifs allows denial of service by corrupting /etc/mtab.
For the stable distribution (lenny), these problems have been fixed in version 2:3.2.5-4lenny9.
For the unstable distribution (sid), these problems have been fixed in version 2:3.4.5~dfsg-2.
We recommend that you upgrade your samba packages.
MD5 checksums of the listed files are available in the original advisory.