Message-ID: <3F4B54F1.9B4B2353@daac.gsfc.nasa.gov>
Date: Tue, 26 Aug 2003 08:39:13 -0400
From: Michael Berganski <bergansk@...data.gsfc.nasa.gov>
To: bugzilla@...hat.com
Cc: redhat-watch-list@...hat.com, bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: [RHSA-2003:261-01] Updated pam_smb packages fix remote buffer overflow.
The pam_smb packages are not in the upgrade directory
ftp://updates.redhat.com/9/en/os/i386/
bugzilla@...hat.com wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ---------------------------------------------------------------------
> Red Hat Security Advisory
>
> Synopsis: Updated pam_smb packages fix remote buffer overflow.
> Advisory ID: RHSA-2003:261-01
> Issue date: 2003-08-26
> Updated on: 2003-08-26
> Product: Red Hat Linux
> Keywords:
> Cross references:
> Obsoletes:
> CVE Names: CAN-2003-0686
> - ---------------------------------------------------------------------
>
> 1. Topic:
>
> Updated pam_smb packages are now available which fix a security
> vulnerability (buffer overflow).
>
> 2. Relevant releases/architectures:
>
> Red Hat Linux 7.2 - i386, ia64
> Red Hat Linux 7.3 - i386
> Red Hat Linux 8.0 - i386
> Red Hat Linux 9 - i386
>
> 3. Problem description:
>
> The pam_smb module is a pluggable authentication module (PAM) used to
> authenticate users using an external Server Message Block (SMB) server.
>
> A buffer overflow vulnerability has been found that affects unpatched
> versions of pam_smb up to and including 1.1.6.
>
> On systems that use pam_smb and are configured to authenticate a
> remotely accessible service, an attacker can exploit this bug and
> remotely execute arbitrary code. The Common Vulnerabilities and Exposures
> project (cve.mitre.org) has assigned the name CAN-2003-0686 to this issue.
>
> Red Hat Linux versions 7.2, 7.3, 8.0, and 9 ship with versions of pam_smb
> that are vulnerable to this issue, however pam_smb is not enabled by default.
>
> Users of pam_smb are advised to upgrade to these erratum packages, which
> contain a patch to version 1.1.6 to correct this issue.
>
> Red Hat would like to thank Dave Airlie of the Samba team for notifying us
> of this issue.
>
> 4. Solution:
>
> Before applying this update, make sure all previously released errata
> relevant to your system have been applied.
>
> To update all RPMs for your particular architecture, run:
>
> rpm -Fvh [filenames]
>
> where [filenames] is a list of the RPMs you wish to upgrade. Only those
> RPMs which are currently installed will be updated. Those RPMs which are
> not installed but included in the list will not be updated. Note that you
> can also use wildcards (*.rpm) if your current directory *only* contains the
> desired RPMs.
>
> Please note that this update is also available via Red Hat Network. Many
> people find this an easier way to apply updates. To use Red Hat Network,
> launch the Red Hat Update Agent with the following command:
>
> up2date
>
> This will start an interactive process that will result in the appropriate
> RPMs being upgraded on your system.
>
> 5. RPMs required:
>
> Red Hat Linux 7.2:
>
> SRPMS:
> ftp://updates.redhat.com/7.2/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
>
> ia64:
> ftp://updates.redhat.com/7.2/en/os/ia64/pam_smb-1.1.6-9.7.ia64.rpm
>
> Red Hat Linux 7.3:
>
> SRPMS:
> ftp://updates.redhat.com/7.3/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.3/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
>
> Red Hat Linux 8.0:
>
> SRPMS:
> ftp://updates.redhat.com/8.0/en/os/SRPMS/pam_smb-1.1.6-9.8.src.rpm
>
> i386:
> ftp://updates.redhat.com/8.0/en/os/i386/pam_smb-1.1.6-9.8.i386.rpm
>
> Red Hat Linux 9:
>
> SRPMS:
> ftp://updates.redhat.com/9/en/os/SRPMS/pam_smb-1.1.6-9.9.src.rpm
>
> i386:
> ftp://updates.redhat.com/9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm
>
> 6. Verification:
>
> MD5 sum Package Name
> - --------------------------------------------------------------------------
> fd60d4b954d24b50901f5d8034246619 7.2/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
> 98f57da32415dec75f43bbe57165cc62 7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
> 5e0ecb7ec7e24de6efc32ad8f439d0ff 7.2/en/os/ia64/pam_smb-1.1.6-9.7.ia64.rpm
> fd60d4b954d24b50901f5d8034246619 7.3/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
> 98f57da32415dec75f43bbe57165cc62 7.3/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
> 2e399b4016dac855bc3e01056c23a244 8.0/en/os/SRPMS/pam_smb-1.1.6-9.8.src.rpm
> 8cb3feb19dd74abfb582546235ee9718 8.0/en/os/i386/pam_smb-1.1.6-9.8.i386.rpm
> 5e31c7774d44716e4bc14f5d11eb54db 9/en/os/SRPMS/pam_smb-1.1.6-9.9.src.rpm
> 11b99a275c316e57a3fdb68ab63c90f4 9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm
>
> These packages are GPG signed by Red Hat for security. Our key is
> available from https://www.redhat.com/security/keys.html
>
> You can verify each package with the following command:
>
> rpm --checksig -v <filename>
>
> If you only wish to verify that each package has not been corrupted or
> tampered with, examine only the md5sum with the following command:
>
> md5sum <filename>
>
> 7. References:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0686
>
> 8. Contact:
>
> The Red Hat security contact is <secalert@...hat.com>. More contact
> details at https://www.redhat.com/solutions/security/news/contact.html
>
> Copyright 2003 Red Hat, Inc.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE/S1GlXlSAg2UNWIIRAhA1AKCwFpItixgKVX6IaAcv0lf1d7HOrwCfUfX6
> +jzALWi6v6ykRHXavDVx4JI=
> =VaAR
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Redhat-watch-list mailing list
> To unsubscribe, visit: https://www.redhat.com/mailman/listinfo/redhat-watch-list
--
-----------------------------------------------------------------+
Michael R. Berganski
Science Systems Applications, Inc (SSAI)
NASA's Goddard Space Flight Center
Code 902/Distributed Active Archive Center PHONE: (301) 614-5281
Bldg32, Rm.N126-A FAX: (301) 614-5304
Greenbelt, MD 20771-0001
Email: bergansk@...c.gsfc.nasa.gov
-----------------------------------------------------------------+
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
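The advisory's "6. Verification" section publishes an MD5 table and the poster's complaint is that a listed package is absent from the mirror directory. The following is an added example, not Red Hat tooling and not code from anyone in this thread: it parses a table in the advisory's format and checks a local mirror directory against it, reporting each listed package as "ok", "mismatch" or "missing". The mirror layout under the updates root, the `build_demo_mirror` fixture and its file names and contents are constructed for the demo; the `ADVISORY_TABLE` excerpt copies four rows from the advisory above. As the advisory itself says, the sums only show a file is the one described; the table's own authenticity rests on the advisory's PGP signature, and `rpm --checksig` is the check on the package signatures.

```python
"""Check a local mirror of an errata directory against the MD5 table
published in a Red Hat advisory ("6. Verification" section).

Added example (not Red Hat tooling). Three states per listed package:
"ok", "mismatch" (present, sum differs), "missing" (listed but absent,
which is what the original poster observed for Red Hat Linux 9).
"""
import hashlib
import os
import re
import tempfile

# One entry per line: 32 hex chars, whitespace, path relative to the
# updates root. Header and "- ---" rule lines do not match and are skipped;
# a leading "> " quote marker (as in the mailing-list copy) is tolerated.
_ENTRY = re.compile(r"^(?:>\s*)?([0-9a-fA-F]{32})\s+(\S+)\s*$")

# Excerpt of the advisory's table as printed on the page (RHSA-2003:261-01).
ADVISORY_TABLE = """\
MD5 sum Package Name
- --------------------------------------------------------------------------
fd60d4b954d24b50901f5d8034246619 7.2/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
98f57da32415dec75f43bbe57165cc62 7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
5e31c7774d44716e4bc14f5d11eb54db 9/en/os/SRPMS/pam_smb-1.1.6-9.9.src.rpm
11b99a275c316e57a3fdb68ab63c90f4 9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm
"""


def parse_md5_table(text):
    """Return [(md5_lowercase, relative_path), ...] found in advisory text."""
    entries = []
    for line in text.splitlines():
        m = _ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1).lower(), m.group(2)))
    return entries


def md5_of_file(path):
    """Hex MD5 of a file, read in chunks so large RPMs are not slurped."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_mirror(entries, mirror_root):
    """Map each listed relative path to "ok", "mismatch" or "missing"."""
    results = {}
    for expected, relpath in entries:
        local = os.path.join(mirror_root, *relpath.split("/"))
        if not os.path.isfile(local):
            results[relpath] = "missing"
        elif md5_of_file(local) == expected:
            results[relpath] = "ok"
        else:
            results[relpath] = "mismatch"
    return results


def build_demo_mirror(root):
    """Constructed fixture (hypothetical package names and contents):
    one file matching its listed sum, one altered after listing, one
    listed but never placed in the directory. Returns the table text."""
    tree = os.path.join(root, "9", "en", "os", "i386")
    os.makedirs(tree)
    good_path = os.path.join(tree, "good-1.0-1.i386.rpm")
    with open(good_path, "wb") as f:
        f.write(b"constructed package payload A")
    altered_path = os.path.join(tree, "altered-1.0-1.i386.rpm")
    with open(altered_path, "wb") as f:
        f.write(b"constructed package payload B (modified after listing)")
    # The table lists the sum of the *intended* contents of the altered file.
    intended_b = hashlib.md5(b"constructed package payload B").hexdigest()
    return "\n".join([
        "MD5 sum Package Name",
        "- ----------------------------------------",
        f"{md5_of_file(good_path)} 9/en/os/i386/good-1.0-1.i386.rpm",
        f"{intended_b} 9/en/os/i386/altered-1.0-1.i386.rpm",
        f"{'0' * 32} 9/en/os/i386/absent-1.0-1.i386.rpm",
    ])


def run_demo():
    """Build the constructed mirror in a temp dir and verify it."""
    with tempfile.TemporaryDirectory() as root:
        table = build_demo_mirror(root)
        return verify_mirror(parse_md5_table(table), root)


if __name__ == "__main__":
    for relpath, state in run_demo().items():
        print(f"{state:8s} {relpath}")
```

Against a real mirror, pass the advisory text (the PGP-verified copy) to `parse_md5_table` and the local root that corresponds to `ftp://updates.redhat.com/` to `verify_mirror`; any "missing" line is the situation reported in this thread, and any "mismatch" is a download worth discarding before `rpm --checksig` is even run.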