lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041110001310.GB30165@box79162.elkhouse.de>
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-22-1] samba vulnerability

===========================================================
Ubuntu Security Notice USN-22-1		  November 10, 2004
samba vulnerability
CAN-2004-0930
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

samba

The problem can be corrected by upgrading the affected package to
version 3.0.7-1ubuntu6.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Karol Wiesek discovered a Denial of Service vulnerability in samba. A
flaw in the input validation routines used to match filename strings
containing wildcard characters may allow a remote user to consume more
than normal amounts of CPU resources, thus impacting the performance
and response of the server.  In some circumstances the server can
become entirely unresponsive.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.1.diff.gz
      Size/MD5:   287126 a3fcb09046c925e464ad87a1b0566cc4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.1.dsc
      Size/MD5:      937 f23b533ea294438bc2bf2a50e30f11b4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7.orig.tar.gz
      Size/MD5: 15012667 5906341429e64214909865a4be92e4ab

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.7-1ubuntu6.1_all.deb
      Size/MD5: 11604162 49713f4514692e2be0e177ca6d40ef06

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:   370054 a02825c940f4cbd4f84af936fe9dfd5f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:   761458 d9b250b70cd9b2030f72291dc5fce14c
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:   574612 ffa3e8fe2524d89dde97680244261a7f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  5013354 16bdd2d641cbb525553aabd267f0672f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  2088940 9a968b8cb802cf053638c5745f394194
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  2664296 d01bd86a38d97d6efe24951a90364da0
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  2708564 1f326153293c8290d071e53bbf593c8b
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:   360810 60ed4686706939d0b228b7d6e0dff66b
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  4026612 04f36ca860b63b94131d7a2c581564ff
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.1_amd64.deb
      Size/MD5:  1525886 e32cb58e47a95678c1bfe6aa99268d7c

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:   326630 e25c3503d3d79d5cadb7c2f5071705d2
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:   686410 9e9a9da91ab3d0745cbbf2f33070fc9f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:   509394 b52b52332916491f5b28465b0a616ec0
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  4413946 ccbce0f6159af8d7d47128c4b681163c
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  1834886 0aefc1a55bb09f77daf9b908d343e479
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  2297516 a17857a9a303f71c3a0f4d5d2aeed487
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  2300060 529c680e4e6f7ee0f4f7ef9e8bafc116
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:   308602 ed2913bc3c0ef8fe4860892adbec4100
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  3938212 b7aed614acd5c92acb5dfdf7ceae287c
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.1_i386.deb
      Size/MD5:  1298904 9d5be4e720308bee883c093185be751d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:   355868 00aae8cee620f7bcfedb7da199b14c22
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:   705332 05e696fe13483d335b04eb2261cc3081
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:   565732 951094e550c17329035a9a3a57ba7ba5
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  4809282 89b755dac91fc73ff5aad9dc58ab8065
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  2043874 f6959d09f9c61d2c24fb17077d4f502f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  2619182 1ad240b566854fd6b884aa7f6932bc82
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  2655140 2c55bb66a11aaab9e7a22300b20aaa4e
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:   353042 1d9fb3a59a2fb52a3f44a3eda74c072f
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  4015602 5f44922fc18958e3b8c9e4c2b86a608a
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.1_powerpc.deb
      Size/MD5:  1481272 b3a9a0f54c103434955e319cdfd37975
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041110/dba04e34/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ