Upstream information

CVE-2008-6800 at MITRE

Description

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not a security issue. It was originally created based on one vendor's misinterpretation of an upstream changelog comment that referred to a race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32. The upstream vendor states: "The Samba Team sees no way to exploit this race condition by a user of the system or an external attacker. In order to be able to trigger the race condition a privileged user (root) need to intentionally kill a winbind child process and carefully time the killing to trigger the race condition. Although, if the user is already privileged, it can more easily just kill the parent process directly." CVE concurs with the dispute. Notes: CVE users should not use this identifier.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 502093 [RESOLVED / WONTFIX]

No SUSE Security Announcements cross referenced.