CVE-2014-3493 samba: smbd unicode path names denial of service

CVE ID

CVE-2014-3493

DESCRIPTION

It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash.

RESOLUTION

  • CentOS6 Unitrends' appliances (physical and/or virtual), fixed with Unitrends software release-10.3.8-4. Please upgrade to latest version.
  • CentOS7 Unitrends' appliances (physical and/or virtual) was patched for this CVE since its first release version.

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us