lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041118140826.GA1760@box79162.elkhouse.de>
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-29-1] samba vulnerability

===========================================================
Ubuntu Security Notice USN-29-1		  November 18, 2004
samba vulnerability
CAN-2004-0882
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

samba

The problem can be corrected by upgrading the affected package to
version 3.0.7-1ubuntu6.2.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

During an audit of the Samba 3.x code base Stefan Esser discovered a
Unicode file name buffer overflow within the handling of
TRANSACT2_QFILEPATHINFO replies. A malicious samba user with write
access to a share could exploit this by creating specially crafted
path names (files with very long names containing Unicode characters)
that would overflow an internal buffer and could lead to remote
execution of arbitrary code with the privileges of the samba server.

Since the samba server usually (by default) runs as root, this flaw
can lead to privilege escalation and unbounded system compromise.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2.diff.gz
      Size/MD5:   287793 5fe703b1046fd5243fa69b6fa6d07294
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2.dsc
      Size/MD5:      937 eab645e2ffeb3ffeda2938989f483c48
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7.orig.tar.gz
      Size/MD5: 15012667 5906341429e64214909865a4be92e4ab

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.7-1ubuntu6.2_all.deb
      Size/MD5: 11604214 141fc27096df90fb5f26b7166a3c9d6c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:   370230 99101e2e61e368dc01179cb7dc2c0133
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:   761668 e741cc9ab62203deb7280c7433f69706
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:   574786 89ae7e66ce905ace97188609e440bde5
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  5013524 52f73085749169d113930486f59cbfaf
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  2089114 f1e43445204746bf37edf2ec41e4295b
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  2664486 eb3e05dcc644fb38bc73b0b9d8e0881a
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  2708734 184bf98f0408a4697850aa6919ebe4ef
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:   360962 7efd7e60f4932c7274a9dca4c6bfff7c
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  4026780 ddce360a66fd3e0caf65fccb007b0d18
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_amd64.deb
      Size/MD5:  1526042 f828ee46913e27507bab3886d82435c3

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:   326852 c9629245ccda89fb9b1dda883879d54b
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:   686568 e42aa1a2af130297903b93f9e3e8ca2c
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:   509556 7d8076adf8c3eaac60b09ff27bacd911
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  4414116 c04dabf99c10f32a3e9b799e52eda22b
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  1835048 ce3604ef73e2d5fb4e7914cdd9050d8f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  2297606 b7e572d19fd4049bf320afdc77c3a6c9
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  2300214 5383d4fee5aa87876ac5051593955873
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:   308746 1b624b3e4f6e19c3282bd5ac6696d646
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  3938366 46e2ae30a1e9dd7dbbdca463bcb9dd1f
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_i386.deb
      Size/MD5:  1298980 bf1f086f3baacf18e1def88b2de59c37

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:   356040 4a139f0d03c2c58101009b020f5cd86f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:   705486 c79dca16882996739bc326c4e49eef0d
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:   565886 021b551094f41419085bd536f3478719
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  4809436 df7c43f27708fd1f0b714a42e62d11c9
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  2044050 2fe8c9c72849c23f4352be940897bc92
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  2619354 74a5ae3af513b9ebd4b3fe99f7ac4271
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  2655304 9ac5438f2b4514df4c3e8adde4f6aec6
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:   353196 16b68de329667642f9520e81fff7ecee
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  4015742 68b4ddb082fa1756c18d7b244e5a0a5f
    http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.2_powerpc.deb
      Size/MD5:  1481436 53bd882613f2853683f39d48843cf4fc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041118/9f1bc6a0/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ