Message-ID: <E1G0B9A-0006qT-D6@mercury.mandriva.com>
Date: Mon, 10 Jul 2006 23:51:00 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:120
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : July 10, 2006
Affected: 10.2, 2006.0, Corporate 3.0
_______________________________________________________________________
Problem Description:
A vulnerability in samba 3.0.x was discovered where an attacker could
cause a single smbd process to bloat, exhausting memory on the system.
This bug is caused by continually increasing the size of an array which
maintains state information about the number of active share
connections.
Updated packages have been patched to correct this issue.
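The growth pattern described above, as an added example that is not part of the original advisory and is not Samba's code: a simplified model of a connection-state array that grows whenever no slot is free, with and without an upper bound. The names conn_table, conn_open, slots_after, GROW_STEP and MAX_SLOTS are hypothetical, and the limit of 128 is an assumed policy value.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical per-process table of share-connection slots (not Samba's code). */
struct conn_table {
    unsigned char *in_use;   /* one flag per slot */
    size_t         slots;    /* current array length */
};
#define GROW_STEP 16
#define MAX_SLOTS 128        /* assumed limit used by the bounded variant */

/* Claim a free slot, growing the array when none is free.
 * max_slots == 0 models the flaw: growth is never refused. */
static long conn_open(struct conn_table *t, size_t max_slots)
{
    for (size_t i = 0; i < t->slots; i++)
        if (!t->in_use[i]) { t->in_use[i] = 1; return (long)i; }

    size_t first_new = t->slots;
    size_t new_slots = first_new + GROW_STEP;
    if (max_slots != 0 && new_slots > max_slots)
        return -1;                       /* refuse instead of bloating */

    unsigned char *p = realloc(t->in_use, new_slots);
    if (p == NULL)
        return -1;
    memset(p + first_new, 0, GROW_STEP); /* new slots start out free */
    p[first_new] = 1;
    t->in_use = p;
    t->slots = new_slots;
    return (long)first_new;
}

/* Model one peer opening `requests` connections and closing none;
 * returns the final array length held by the process. */
size_t slots_after(size_t requests, size_t max_slots)
{
    struct conn_table t = { NULL, 0 };
    for (size_t i = 0; i < requests; i++)
        if (conn_open(&t, max_slots) < 0)
            break;
    size_t n = t.slots;
    free(t.in_use);
    return n;
}

int main(void)
{
    printf("unbounded: %zu slots, bounded: %zu slots\n",
           slots_after(10000, 0), slots_after(10000, MAX_SLOTS));
    return 0;
}
```

Without a limit the array length tracks the number of requests one peer sends; with the limit, the request that would exceed it is refused and memory use stays constant.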
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://www.samba.org/samba/security/CAN-2006-3403.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 10.2:
3eb4f4fe83862cc464bec94f345b1205 10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
20257c42dc31bfa2c7528e7033485aeb 10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
4abbb93b864aec424b863085e4cd17fe 10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
54c14b19aeda54fb096766938dcd7ba0 10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.i586.rpm
6a718136f97f343c1673e9e82aa6685c 10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.i586.rpm
e0f0ca5db168dbec2ee78c47b04d4dfe 10.2/RPMS/samba-client-3.0.13-2.1.102mdk.i586.rpm
aca4da8c53f090b9e41bd95690d95a27 10.2/RPMS/samba-common-3.0.13-2.1.102mdk.i586.rpm
80c6725741baa3386e8d15a552a2e5aa 10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.i586.rpm
ef137687ddad3bee055d6d3870e74db8 10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.i586.rpm
226357f0e98fa1c3b8abe17a23d1f715 10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.i586.rpm
80a8107ea3f020bc930ecde070aefb61 10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.i586.rpm
e2d6e9fa08e770f08171d75dd1079d5a 10.2/RPMS/samba-server-3.0.13-2.1.102mdk.i586.rpm
62043615a61aa9424cee64634f6f8d95 10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.i586.rpm
b76512984b8268a6c1d6474dd623c405 10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.i586.rpm
21f24f6b6d4ba6ebdaf259c9ad2ff894 10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.i586.rpm
268ecfc08e5cd02ec69b2c3df9a79e3c 10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.i586.rpm
469c6f7ac18bb3f3e963b15d6ddb218b 10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.i586.rpm
3cfae3f4e389c05b161fc03447fe8ea1 10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm
Mandriva Linux 10.2/X86_64:
1cabdda84ee642347b89b39f9b20647f x86_64/10.2/RPMS/lib64smbclient0-3.0.13-2.1.102mdk.x86_64.rpm
ac3ed439d87acb15e3c2e29c43a6c15c x86_64/10.2/RPMS/lib64smbclient0-devel-3.0.13-2.1.102mdk.x86_64.rpm
62220c9ea9b521ae9255351f9d2e9a72 x86_64/10.2/RPMS/lib64smbclient0-static-devel-3.0.13-2.1.102mdk.x86_64.rpm
3eb4f4fe83862cc464bec94f345b1205 x86_64/10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
20257c42dc31bfa2c7528e7033485aeb x86_64/10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
4abbb93b864aec424b863085e4cd17fe x86_64/10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
e3ee798596a4c1a3986046100967082d x86_64/10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.x86_64.rpm
f7cc4e909f28d48b265c11be4ea910d7 x86_64/10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.x86_64.rpm
4740a0c21ac308c552611a5ee347c72a x86_64/10.2/RPMS/samba-client-3.0.13-2.1.102mdk.x86_64.rpm
6115c746181eaeb5c0d1d507c116a6db x86_64/10.2/RPMS/samba-common-3.0.13-2.1.102mdk.x86_64.rpm
ff054b178cff6c783fc730ca9c6ada5f x86_64/10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.x86_64.rpm
c6e65bf57165bdc7f438e92ec9bd7823 x86_64/10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.x86_64.rpm
abf978ba0e1a53d0bc7c9938787d57f5 x86_64/10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.x86_64.rpm
8d3dcc5cfd15c7401bd0c1835b2ede77 x86_64/10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.x86_64.rpm
47c818ab47d1a18e3fe2bdc44d7c3916 x86_64/10.2/RPMS/samba-server-3.0.13-2.1.102mdk.x86_64.rpm
0d64c5d745416788db5c1e879f04ae03 x86_64/10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.x86_64.rpm
fb96a98a1ec0fa08001e0ecb155bb243 x86_64/10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.x86_64.rpm
06d7c44374d9ba8cde7077da3d6908c7 x86_64/10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.x86_64.rpm
d7349d986a8b2b602c2c74d405571c27 x86_64/10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.x86_64.rpm
a7b8792e6ee53529f84dbb2c42431396 x86_64/10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.x86_64.rpm
3cfae3f4e389c05b161fc03447fe8ea1 x86_64/10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm
Mandriva Linux 2006.0:
b639e531c8aa76a45bb4fd7fc0c9d08f 2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
21d7c1bcdae8ba923815557a265aed8c 2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
2922f2ad71b836793477e9774962ab81 2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
b1950669d6c9988067d98f80d3ed9f05 2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.i586.rpm
ad230ddd398f550ec0c5b56b8a0c7af9 2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.i586.rpm
f74482cc4bba045eecd6302878e5cd98 2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.i586.rpm
1988d3cb187321c59f0ffd583089cdf2 2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.i586.rpm
7c3130bec18d3ca0d75b8acf724871ac 2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.i586.rpm
73402f8d15a49c079c1c374a1a3926b7 2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.i586.rpm
fe7d3ceac2df5a79853759b4b9eb8f21 2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.i586.rpm
cc4cb9b9eda79cc7d2ebbbe1eca8d098 2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.i586.rpm
00602cff731083e2477f3a78ae69c9e4 2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.i586.rpm
58337068762956f952cd8dde7dbed638 2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.i586.rpm
39aadf73c4aff1c9e90cf5a9bd883ce0 2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.i586.rpm
b4055e2c5247be3762da9baa912c69f8 2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.i586.rpm
bf5619e50e6603faf8c6b62f823a7c3b 2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.i586.rpm
b823e686c69c157bf640209611700e74 2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.i586.rpm
f573ef27d6ae8fce9cd2451371d00f2c 2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
b8246df3c55f97343bc04dfe77733fc5 x86_64/2006.0/RPMS/lib64smbclient0-3.0.20-3.1.20060mdk.x86_64.rpm
d0c721a3523d3718e1e78ade2665b728 x86_64/2006.0/RPMS/lib64smbclient0-devel-3.0.20-3.1.20060mdk.x86_64.rpm
9c9852254610c810932013dd19917de8 x86_64/2006.0/RPMS/lib64smbclient0-static-devel-3.0.20-3.1.20060mdk.x86_64.rpm
b639e531c8aa76a45bb4fd7fc0c9d08f x86_64/2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
21d7c1bcdae8ba923815557a265aed8c x86_64/2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
2922f2ad71b836793477e9774962ab81 x86_64/2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
7b1644dda9a0e0fc61e2553a16c3227f x86_64/2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.x86_64.rpm
d05b51b91f6956ce210254b8140e1dff x86_64/2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.x86_64.rpm
f6a100b3426487ecaf1402d0f13fe2c6 x86_64/2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.x86_64.rpm
b924d9378647d7854b9a1fe7d4cbcacb x86_64/2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.x86_64.rpm
70fe3749aa34cf856a238854c4a8ffba x86_64/2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.x86_64.rpm
e41a7d5cd9ec6113d9cdfa6e5f6824db x86_64/2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.x86_64.rpm
112d3d019065f29c8ccab1bed7e24ff9 x86_64/2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.x86_64.rpm
d25dd65d363d8412df0907c36af667bb x86_64/2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.x86_64.rpm
f00babb6d600c46d81315ef2ea05c253 x86_64/2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.x86_64.rpm
e371858956f729e8b1d8020b4b929d10 x86_64/2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.x86_64.rpm
456d9ed7f29dc686b8803888058dbdd8 x86_64/2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.x86_64.rpm
cc428a83917f6bee4381ac29673c338e x86_64/2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.x86_64.rpm
9f4f4c7e4ad64b3c38fcb9644e6ca217 x86_64/2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.x86_64.rpm
2dab89ab81536b0b32af36468271e192 x86_64/2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.x86_64.rpm
f573ef27d6ae8fce9cd2451371d00f2c x86_64/2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm
Corporate 3.0:
4490da65fef66f064a59282b7da68621 corporate/3.0/RPMS/libsmbclient0-3.0.14a-6.2.C30mdk.i586.rpm
5d2f6de8c701a826f214600c8dde0528 corporate/3.0/RPMS/libsmbclient0-devel-3.0.14a-6.2.C30mdk.i586.rpm
d06d370c2816e6eaf15d97a5c7560519 corporate/3.0/RPMS/libsmbclient0-static-devel-3.0.14a-6.2.C30mdk.i586.rpm
3f4512e20d14ffd6c49ad6574913770c corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.i586.rpm
7b6264fbeb301b7c73a5ae7c74ddacfc corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.i586.rpm
3e372468edf4ba40c6e16c6e6744ea0e corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.i586.rpm
423f53ba9b7d75ba0adde3c9279bd934 corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.i586.rpm
f109661cbadfe418f435dbc099a15c53 corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.i586.rpm
3f0f332b7d2b4ad8f94c51c90d65506d corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.i586.rpm
2e3737a856981e6e2b773aadca191415 corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.i586.rpm
29cc6e056bad1c89e7290ca70b8f0de5 corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.i586.rpm
96546053ae0ef2f00c2dc8580dc2c0c9 corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.i586.rpm
0c0fd8f911403b7f7ae188ee788ad507 corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.i586.rpm
6840658b50e1b7d0f7f268289b204893 corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.i586.rpm
f31679aaf15c51d8264a8b3a4066190e corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.i586.rpm
ec4717b55261f70dec4d2c8955c385f1 corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.i586.rpm
da1c9c209543730d10e83f9a9f5ebfcf corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
1416831d844bf7b87db3c70d60100022 x86_64/corporate/3.0/RPMS/lib64smbclient0-3.0.14a-6.2.C30mdk.x86_64.rpm
98417e53a7fbf9edc798581fb5d3edb3 x86_64/corporate/3.0/RPMS/lib64smbclient0-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
5299fbefd6638bc1dbd7724dd2e728e6 x86_64/corporate/3.0/RPMS/lib64smbclient0-static-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
ac8436d779dd384229594009426bd559 x86_64/corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.x86_64.rpm
fec20e25461d3c5fef537496df93c94c x86_64/corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.x86_64.rpm
8eea99ec757c429e4bed9258a59e7507 x86_64/corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.x86_64.rpm
bac614217b2432ebb4d1ba9608caf26a x86_64/corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.x86_64.rpm
388f186ee4360a4a57c558cb9cec1696 x86_64/corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.x86_64.rpm
20e69617864bcd21ba5e2f82bf2d83b0 x86_64/corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.x86_64.rpm
30791f102847b0aeca488aebad4e07a4 x86_64/corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.x86_64.rpm
15f39f30be615b23ca2afb5a4be4bf8d x86_64/corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.x86_64.rpm
35cfe4ebc5ebe39af764577356e3fddc x86_64/corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.x86_64.rpm
1e46268670190e240fa2f73281b1bdf0 x86_64/corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.x86_64.rpm
98f42b0625686a84939876938f046593 x86_64/corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.x86_64.rpm
9b5c6b52c20699f58d9085e3a46fc877 x86_64/corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.x86_64.rpm
d9471fcbc2b1a0b76ca5a4623b54807e x86_64/corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.x86_64.rpm
da1c9c209543730d10e83f9a9f5ebfcf x86_64/corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEszpqmqjQ0CJFipgRAjDnAJ0S7bC4FZeeAjD0Jl66B71c7N6BugCeKstA
UPkBaJB/rUE03L5PqfzR8kw=
=SITV
-----END PGP SIGNATURE-----