[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041118140826.GA1760@box79162.elkhouse.de>
Date: Thu, 18 Nov 2004 15:08:27 +0100
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com
Subject: [USN-29-1] samba vulnerability
===========================================================
Ubuntu Security Notice USN-29-1 November 18, 2004
samba vulnerability
CAN-2004-0882
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
samba
The problem can be corrected by upgrading the affected package to
version 3.0.7-1ubuntu6.2. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Details follow:
During an audit of the Samba 3.x code base Stefan Esser discovered a
Unicode file name buffer overflow within the handling of
TRANSACT2_QFILEPATHINFO replies. A malicious samba user with write
access to a share could exploit this by creating specially crafted
path names (files with very long names containing Unicode characters)
that would overflow an internal buffer and could lead to remote
execution of arbitrary code with the privileges of the samba server.
Since the samba server usually (by default) runs as root, this flaw
can lead to privilege escalation and unbounded system compromise.
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2.diff.gz
Size/MD5: 287793 5fe703b1046fd5243fa69b6fa6d07294
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2.dsc
Size/MD5: 937 eab645e2ffeb3ffeda2938989f483c48
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7.orig.tar.gz
Size/MD5: 15012667 5906341429e64214909865a4be92e4ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.7-1ubuntu6.2_all.deb
Size/MD5: 11604214 141fc27096df90fb5f26b7166a3c9d6c
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 370230 99101e2e61e368dc01179cb7dc2c0133
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 761668 e741cc9ab62203deb7280c7433f69706
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 574786 89ae7e66ce905ace97188609e440bde5
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 5013524 52f73085749169d113930486f59cbfaf
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 2089114 f1e43445204746bf37edf2ec41e4295b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 2664486 eb3e05dcc644fb38bc73b0b9d8e0881a
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 2708734 184bf98f0408a4697850aa6919ebe4ef
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 360962 7efd7e60f4932c7274a9dca4c6bfff7c
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 4026780 ddce360a66fd3e0caf65fccb007b0d18
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_amd64.deb
Size/MD5: 1526042 f828ee46913e27507bab3886d82435c3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 326852 c9629245ccda89fb9b1dda883879d54b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 686568 e42aa1a2af130297903b93f9e3e8ca2c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 509556 7d8076adf8c3eaac60b09ff27bacd911
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 4414116 c04dabf99c10f32a3e9b799e52eda22b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 1835048 ce3604ef73e2d5fb4e7914cdd9050d8f
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 2297606 b7e572d19fd4049bf320afdc77c3a6c9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 2300214 5383d4fee5aa87876ac5051593955873
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 308746 1b624b3e4f6e19c3282bd5ac6696d646
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 3938366 46e2ae30a1e9dd7dbbdca463bcb9dd1f
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_i386.deb
Size/MD5: 1298980 bf1f086f3baacf18e1def88b2de59c37
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 356040 4a139f0d03c2c58101009b020f5cd86f
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 705486 c79dca16882996739bc326c4e49eef0d
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 565886 021b551094f41419085bd536f3478719
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 4809436 df7c43f27708fd1f0b714a42e62d11c9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 2044050 2fe8c9c72849c23f4352be940897bc92
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 2619354 74a5ae3af513b9ebd4b3fe99f7ac4271
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 2655304 9ac5438f2b4514df4c3e8adde4f6aec6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 353196 16b68de329667642f9520e81fff7ecee
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 4015742 68b4ddb082fa1756c18d7b244e5a0a5f
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_powerpc.deb
Size/MD5: 1481436 53bd882613f2853683f39d48843cf4fc
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
Powered by blists - more mailing lists