About Ubuntu

=========================================================== Ubuntu Security Notice USN-314-1 July 12, 2006 samba vulnerability CVE-2006-3403 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: samba 3.0.10-1ubuntu3.1 Ubuntu 5.10: samba 3.0.14a-6ubuntu1.1 Ubuntu 6.06 LTS: samba 3.0.22-1ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: The Samba security team reported a Denial of Service vulnerability in the handling of information about active connections. In certain circumstances an attacker could continually increase the memory usage of the smbd process by issuing a large number of share connection requests. By draining all available memory, this could be exploited to render the remote Samba server unusable.