lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1G0B9A-0006qT-D6@mercury.mandriva.com>
Date: Mon, 10 Jul 2006 23:51:00 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:120
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : samba
 Date    : July 10, 2006
 Affected: 10.2, 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability in samba 3.0.x was discovered where an attacker could
 cause a single smbd process to bloat, exhausting memory on the system.
 This bug is caused by continually increasing the size of an array which
 maintains state information about the number of active share
 connections.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
 http://www.samba.org/samba/security/CAN-2006-3403.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.2:
 3eb4f4fe83862cc464bec94f345b1205  10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
 20257c42dc31bfa2c7528e7033485aeb  10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
 4abbb93b864aec424b863085e4cd17fe  10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
 54c14b19aeda54fb096766938dcd7ba0  10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.i586.rpm
 6a718136f97f343c1673e9e82aa6685c  10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.i586.rpm
 e0f0ca5db168dbec2ee78c47b04d4dfe  10.2/RPMS/samba-client-3.0.13-2.1.102mdk.i586.rpm
 aca4da8c53f090b9e41bd95690d95a27  10.2/RPMS/samba-common-3.0.13-2.1.102mdk.i586.rpm
 80c6725741baa3386e8d15a552a2e5aa  10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.i586.rpm
 ef137687ddad3bee055d6d3870e74db8  10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.i586.rpm
 226357f0e98fa1c3b8abe17a23d1f715  10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.i586.rpm
 80a8107ea3f020bc930ecde070aefb61  10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.i586.rpm
 e2d6e9fa08e770f08171d75dd1079d5a  10.2/RPMS/samba-server-3.0.13-2.1.102mdk.i586.rpm
 62043615a61aa9424cee64634f6f8d95  10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.i586.rpm
 b76512984b8268a6c1d6474dd623c405  10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.i586.rpm
 21f24f6b6d4ba6ebdaf259c9ad2ff894  10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.i586.rpm
 268ecfc08e5cd02ec69b2c3df9a79e3c  10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.i586.rpm
 469c6f7ac18bb3f3e963b15d6ddb218b  10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.i586.rpm
 3cfae3f4e389c05b161fc03447fe8ea1  10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 1cabdda84ee642347b89b39f9b20647f  x86_64/10.2/RPMS/lib64smbclient0-3.0.13-2.1.102mdk.x86_64.rpm
 ac3ed439d87acb15e3c2e29c43a6c15c  x86_64/10.2/RPMS/lib64smbclient0-devel-3.0.13-2.1.102mdk.x86_64.rpm
 62220c9ea9b521ae9255351f9d2e9a72  x86_64/10.2/RPMS/lib64smbclient0-static-devel-3.0.13-2.1.102mdk.x86_64.rpm
 3eb4f4fe83862cc464bec94f345b1205  x86_64/10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
 20257c42dc31bfa2c7528e7033485aeb  x86_64/10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
 4abbb93b864aec424b863085e4cd17fe  x86_64/10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
 e3ee798596a4c1a3986046100967082d  x86_64/10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.x86_64.rpm
 f7cc4e909f28d48b265c11be4ea910d7  x86_64/10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.x86_64.rpm
 4740a0c21ac308c552611a5ee347c72a  x86_64/10.2/RPMS/samba-client-3.0.13-2.1.102mdk.x86_64.rpm
 6115c746181eaeb5c0d1d507c116a6db  x86_64/10.2/RPMS/samba-common-3.0.13-2.1.102mdk.x86_64.rpm
 ff054b178cff6c783fc730ca9c6ada5f  x86_64/10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.x86_64.rpm
 c6e65bf57165bdc7f438e92ec9bd7823  x86_64/10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.x86_64.rpm
 abf978ba0e1a53d0bc7c9938787d57f5  x86_64/10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.x86_64.rpm
 8d3dcc5cfd15c7401bd0c1835b2ede77  x86_64/10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.x86_64.rpm
 47c818ab47d1a18e3fe2bdc44d7c3916  x86_64/10.2/RPMS/samba-server-3.0.13-2.1.102mdk.x86_64.rpm
 0d64c5d745416788db5c1e879f04ae03  x86_64/10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.x86_64.rpm
 fb96a98a1ec0fa08001e0ecb155bb243  x86_64/10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.x86_64.rpm
 06d7c44374d9ba8cde7077da3d6908c7  x86_64/10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.x86_64.rpm
 d7349d986a8b2b602c2c74d405571c27  x86_64/10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.x86_64.rpm
 a7b8792e6ee53529f84dbb2c42431396  x86_64/10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.x86_64.rpm
 3cfae3f4e389c05b161fc03447fe8ea1  x86_64/10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm

 Mandriva Linux 2006.0:
 b639e531c8aa76a45bb4fd7fc0c9d08f  2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
 21d7c1bcdae8ba923815557a265aed8c  2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
 2922f2ad71b836793477e9774962ab81  2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
 b1950669d6c9988067d98f80d3ed9f05  2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.i586.rpm
 ad230ddd398f550ec0c5b56b8a0c7af9  2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.i586.rpm
 f74482cc4bba045eecd6302878e5cd98  2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.i586.rpm
 1988d3cb187321c59f0ffd583089cdf2  2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.i586.rpm
 7c3130bec18d3ca0d75b8acf724871ac  2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.i586.rpm
 73402f8d15a49c079c1c374a1a3926b7  2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.i586.rpm
 fe7d3ceac2df5a79853759b4b9eb8f21  2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.i586.rpm
 cc4cb9b9eda79cc7d2ebbbe1eca8d098  2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.i586.rpm
 00602cff731083e2477f3a78ae69c9e4  2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.i586.rpm
 58337068762956f952cd8dde7dbed638  2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.i586.rpm
 39aadf73c4aff1c9e90cf5a9bd883ce0  2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.i586.rpm
 b4055e2c5247be3762da9baa912c69f8  2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.i586.rpm
 bf5619e50e6603faf8c6b62f823a7c3b  2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.i586.rpm
 b823e686c69c157bf640209611700e74  2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.i586.rpm
 f573ef27d6ae8fce9cd2451371d00f2c  2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 b8246df3c55f97343bc04dfe77733fc5  x86_64/2006.0/RPMS/lib64smbclient0-3.0.20-3.1.20060mdk.x86_64.rpm
 d0c721a3523d3718e1e78ade2665b728  x86_64/2006.0/RPMS/lib64smbclient0-devel-3.0.20-3.1.20060mdk.x86_64.rpm
 9c9852254610c810932013dd19917de8  x86_64/2006.0/RPMS/lib64smbclient0-static-devel-3.0.20-3.1.20060mdk.x86_64.rpm
 b639e531c8aa76a45bb4fd7fc0c9d08f  x86_64/2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
 21d7c1bcdae8ba923815557a265aed8c  x86_64/2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
 2922f2ad71b836793477e9774962ab81  x86_64/2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
 7b1644dda9a0e0fc61e2553a16c3227f  x86_64/2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.x86_64.rpm
 d05b51b91f6956ce210254b8140e1dff  x86_64/2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.x86_64.rpm
 f6a100b3426487ecaf1402d0f13fe2c6  x86_64/2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.x86_64.rpm
 b924d9378647d7854b9a1fe7d4cbcacb  x86_64/2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.x86_64.rpm
 70fe3749aa34cf856a238854c4a8ffba  x86_64/2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.x86_64.rpm
 e41a7d5cd9ec6113d9cdfa6e5f6824db  x86_64/2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.x86_64.rpm
 112d3d019065f29c8ccab1bed7e24ff9  x86_64/2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.x86_64.rpm
 d25dd65d363d8412df0907c36af667bb  x86_64/2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.x86_64.rpm
 f00babb6d600c46d81315ef2ea05c253  x86_64/2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.x86_64.rpm
 e371858956f729e8b1d8020b4b929d10  x86_64/2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.x86_64.rpm
 456d9ed7f29dc686b8803888058dbdd8  x86_64/2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.x86_64.rpm
 cc428a83917f6bee4381ac29673c338e  x86_64/2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.x86_64.rpm
 9f4f4c7e4ad64b3c38fcb9644e6ca217  x86_64/2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.x86_64.rpm
 2dab89ab81536b0b32af36468271e192  x86_64/2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.x86_64.rpm
 f573ef27d6ae8fce9cd2451371d00f2c  x86_64/2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm

 Corporate 3.0:
 4490da65fef66f064a59282b7da68621  corporate/3.0/RPMS/libsmbclient0-3.0.14a-6.2.C30mdk.i586.rpm
 5d2f6de8c701a826f214600c8dde0528  corporate/3.0/RPMS/libsmbclient0-devel-3.0.14a-6.2.C30mdk.i586.rpm
 d06d370c2816e6eaf15d97a5c7560519  corporate/3.0/RPMS/libsmbclient0-static-devel-3.0.14a-6.2.C30mdk.i586.rpm
 3f4512e20d14ffd6c49ad6574913770c  corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.i586.rpm
 7b6264fbeb301b7c73a5ae7c74ddacfc  corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.i586.rpm
 3e372468edf4ba40c6e16c6e6744ea0e  corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.i586.rpm
 423f53ba9b7d75ba0adde3c9279bd934  corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.i586.rpm
 f109661cbadfe418f435dbc099a15c53  corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.i586.rpm
 3f0f332b7d2b4ad8f94c51c90d65506d  corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.i586.rpm
 2e3737a856981e6e2b773aadca191415  corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.i586.rpm
 29cc6e056bad1c89e7290ca70b8f0de5  corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.i586.rpm
 96546053ae0ef2f00c2dc8580dc2c0c9  corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.i586.rpm
 0c0fd8f911403b7f7ae188ee788ad507  corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.i586.rpm
 6840658b50e1b7d0f7f268289b204893  corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.i586.rpm
 f31679aaf15c51d8264a8b3a4066190e  corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.i586.rpm
 ec4717b55261f70dec4d2c8955c385f1  corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.i586.rpm
 da1c9c209543730d10e83f9a9f5ebfcf  corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 1416831d844bf7b87db3c70d60100022  x86_64/corporate/3.0/RPMS/lib64smbclient0-3.0.14a-6.2.C30mdk.x86_64.rpm
 98417e53a7fbf9edc798581fb5d3edb3  x86_64/corporate/3.0/RPMS/lib64smbclient0-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
 5299fbefd6638bc1dbd7724dd2e728e6  x86_64/corporate/3.0/RPMS/lib64smbclient0-static-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
 ac8436d779dd384229594009426bd559  x86_64/corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.x86_64.rpm
 fec20e25461d3c5fef537496df93c94c  x86_64/corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.x86_64.rpm
 8eea99ec757c429e4bed9258a59e7507  x86_64/corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.x86_64.rpm
 bac614217b2432ebb4d1ba9608caf26a  x86_64/corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.x86_64.rpm
 388f186ee4360a4a57c558cb9cec1696  x86_64/corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.x86_64.rpm
 20e69617864bcd21ba5e2f82bf2d83b0  x86_64/corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.x86_64.rpm
 30791f102847b0aeca488aebad4e07a4  x86_64/corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.x86_64.rpm
 15f39f30be615b23ca2afb5a4be4bf8d  x86_64/corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.x86_64.rpm
 35cfe4ebc5ebe39af764577356e3fddc  x86_64/corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.x86_64.rpm
 1e46268670190e240fa2f73281b1bdf0  x86_64/corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.x86_64.rpm
 98f42b0625686a84939876938f046593  x86_64/corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.x86_64.rpm
 9b5c6b52c20699f58d9085e3a46fc877  x86_64/corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.x86_64.rpm
 d9471fcbc2b1a0b76ca5a4623b54807e  x86_64/corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.x86_64.rpm
 da1c9c209543730d10e83f9a9f5ebfcf  x86_64/corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEszpqmqjQ0CJFipgRAjDnAJ0S7bC4FZeeAjD0Jl66B71c7N6BugCeKstA
UPkBaJB/rUE03L5PqfzR8kw=
=SITV
-----END PGP SIGNATURE-----



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ