[<prev] [next>] [day] [month] [year] [list]
Message-id: <E1Hr584-0001aZ-5R@artemis.annvix.ca>
Date: Wed, 23 May 2007 22:40:48 -0600
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2007:104-1 ] - Updated samba packages fix
multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:104-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : May 23, 2007
Affected: 2007.0, 2007.1
_______________________________________________________________________
Problem Description:
A number of bugs were discovered in the NDR parsing support in Samba
that is used to decode MS-RPC requests. A remote attacker could
send a carefully crafted request that would cause a heap overflow,
possibly leading to the ability to execute arbitrary code on the server
(CVE-2007-2446).
A remote authenticated user could trigger a flaw where unescaped
user input parameters were being passed as arguments to /bin/sh
(CVE-2007-2447).
Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from
name using the Samba local list of user and group accounts, a logic
error in smbd's internal security stack could result in a transition
to the root user id rather than the non-root user (CVE-2007-2444).
Update:
The fix for CVE-2007-2444 broke the behaviour of force group when
the forced group is a local Unix group for domain member servers.
This update corrects that regression.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
2ba4a54f7c3ea9fa3e7d716b78a9ccf3 2007.0/i586/libsmbclient0-3.0.23d-2.3mdv2007.0.i586.rpm
8d5cd8a8d91808cf5b28173399a4dccd 2007.0/i586/libsmbclient0-devel-3.0.23d-2.3mdv2007.0.i586.rpm
2afc7a841894a7d1ec6a10e43be56cb3 2007.0/i586/libsmbclient0-static-devel-3.0.23d-2.3mdv2007.0.i586.rpm
862bcb6362c116f547bcbb34c32d7382 2007.0/i586/mount-cifs-3.0.23d-2.3mdv2007.0.i586.rpm
153b0bb5e27b67e8bae513774b25d4fb 2007.0/i586/nss_wins-3.0.23d-2.3mdv2007.0.i586.rpm
29d1b0a886865dd4f7d23f0cf47d754c 2007.0/i586/samba-client-3.0.23d-2.3mdv2007.0.i586.rpm
c0df231352bf46e322ad1ff8805ba25a 2007.0/i586/samba-common-3.0.23d-2.3mdv2007.0.i586.rpm
4870de87bdf5da9e6b056ffbe55a95aa 2007.0/i586/samba-doc-3.0.23d-2.3mdv2007.0.i586.rpm
f8c445732224a5c8db8b3765737ecf09 2007.0/i586/samba-server-3.0.23d-2.3mdv2007.0.i586.rpm
a15627b69d8c7865473257aa71475a41 2007.0/i586/samba-smbldap-tools-3.0.23d-2.3mdv2007.0.i586.rpm
28271a81e11470645e1b8287c755a4c3 2007.0/i586/samba-swat-3.0.23d-2.3mdv2007.0.i586.rpm
26eb7109048d443c280244c8c871b6c4 2007.0/i586/samba-vscan-clamav-3.0.23d-2.3mdv2007.0.i586.rpm
fdd8e8f3a9d098a75c6517098f7a4e5f 2007.0/i586/samba-vscan-icap-3.0.23d-2.3mdv2007.0.i586.rpm
e16d790fdd80e78b1ad0c796b3fc62f0 2007.0/i586/samba-winbind-3.0.23d-2.3mdv2007.0.i586.rpm
9725d3da0b4394c46c5a11718b02681c 2007.0/SRPMS/samba-3.0.23d-2.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
5a40a67af7bddbac6f1a12ccc04eb71a 2007.0/x86_64/lib64smbclient0-3.0.23d-2.3mdv2007.0.x86_64.rpm
c2d3958fb241f8425a6c4b471a7e9ff0 2007.0/x86_64/lib64smbclient0-devel-3.0.23d-2.3mdv2007.0.x86_64.rpm
d896b8848adf231e7ca9732cedd1df14 2007.0/x86_64/lib64smbclient0-static-devel-3.0.23d-2.3mdv2007.0.x86_64.rpm
5bb35783003fb0598a1c8d004f1b7e89 2007.0/x86_64/mount-cifs-3.0.23d-2.3mdv2007.0.x86_64.rpm
936b0b4727ced4c51487d22eb4c728c2 2007.0/x86_64/nss_wins-3.0.23d-2.3mdv2007.0.x86_64.rpm
697a37f58cd7ee86bcb6d25fe5ce99a4 2007.0/x86_64/samba-client-3.0.23d-2.3mdv2007.0.x86_64.rpm
a2c89ccbb926ab10134bb6c08de1e708 2007.0/x86_64/samba-common-3.0.23d-2.3mdv2007.0.x86_64.rpm
a4f423f84d2de83ce0e08f7617c93dd7 2007.0/x86_64/samba-doc-3.0.23d-2.3mdv2007.0.x86_64.rpm
7f95a390b3d8a8f50b4ed742222b5cd1 2007.0/x86_64/samba-server-3.0.23d-2.3mdv2007.0.x86_64.rpm
46d3c6533ebd7bee01721ca614e955ca 2007.0/x86_64/samba-smbldap-tools-3.0.23d-2.3mdv2007.0.x86_64.rpm
ed30c61f6884f8b26187e6e3a9885a24 2007.0/x86_64/samba-swat-3.0.23d-2.3mdv2007.0.x86_64.rpm
e8ef3da7af8952bebd84406c4a638e39 2007.0/x86_64/samba-vscan-clamav-3.0.23d-2.3mdv2007.0.x86_64.rpm
559d43f9a8f2a8a361b11a97d437c321 2007.0/x86_64/samba-vscan-icap-3.0.23d-2.3mdv2007.0.x86_64.rpm
76963cced45f658ab0ad5412a5aa794b 2007.0/x86_64/samba-winbind-3.0.23d-2.3mdv2007.0.x86_64.rpm
9725d3da0b4394c46c5a11718b02681c 2007.0/SRPMS/samba-3.0.23d-2.3mdv2007.0.src.rpm
Mandriva Linux 2007.1:
2e8c595bb959e2acb3ae05b04e8387d5 2007.1/i586/libsmbclient0-3.0.24-2.2mdv2007.1.i586.rpm
f398435995e18d601ddb9dc1f1128129 2007.1/i586/libsmbclient0-devel-3.0.24-2.2mdv2007.1.i586.rpm
be221059ee4f4c8dd62f23f27b636943 2007.1/i586/libsmbclient0-static-devel-3.0.24-2.2mdv2007.1.i586.rpm
63989fd2a666fd804e93fb6de50faf79 2007.1/i586/mount-cifs-3.0.24-2.2mdv2007.1.i586.rpm
df903048b4ccde8195a48aa1c94993a1 2007.1/i586/nss_wins-3.0.24-2.2mdv2007.1.i586.rpm
43de3b657ec9bd2e99a545b93bc66826 2007.1/i586/samba-client-3.0.24-2.2mdv2007.1.i586.rpm
727d37be44200376dcddf14682f4fc7a 2007.1/i586/samba-common-3.0.24-2.2mdv2007.1.i586.rpm
de76cf361d6d6b9f25ea9e65461bcf92 2007.1/i586/samba-doc-3.0.24-2.2mdv2007.1.i586.rpm
3ddcfa99a20b0b2c5af4318e947ca5a1 2007.1/i586/samba-server-3.0.24-2.2mdv2007.1.i586.rpm
d9f5b95d336826c9787ef0232701986c 2007.1/i586/samba-smbldap-tools-3.0.24-2.2mdv2007.1.i586.rpm
9c41b0d842310e8a8583fb5b52f00680 2007.1/i586/samba-swat-3.0.24-2.2mdv2007.1.i586.rpm
abcfc7652487f311edb1adb2fc1855ea 2007.1/i586/samba-vscan-clamav-3.0.24-2.2mdv2007.1.i586.rpm
d2b387577c52b4a4c7128275a1055d8f 2007.1/i586/samba-vscan-icap-3.0.24-2.2mdv2007.1.i586.rpm
1c38d939eeb3a56511fb6aa1c80ead9b 2007.1/i586/samba-winbind-3.0.24-2.2mdv2007.1.i586.rpm
1138acd0612b3e1c235cd8e4d5a0e154 2007.1/SRPMS/samba-3.0.24-2.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
4e28c912966b246dc09a076ebfe14a1c 2007.1/x86_64/lib64smbclient0-3.0.24-2.2mdv2007.1.x86_64.rpm
1604483d1d16e404a12317faad97d8eb 2007.1/x86_64/lib64smbclient0-devel-3.0.24-2.2mdv2007.1.x86_64.rpm
ef43dae21969f6ce04de5685b389fbf4 2007.1/x86_64/lib64smbclient0-static-devel-3.0.24-2.2mdv2007.1.x86_64.rpm
37103982308436b13a95c62dd5a6d382 2007.1/x86_64/mount-cifs-3.0.24-2.2mdv2007.1.x86_64.rpm
1d8eb64a30be1483ae35e0a822b03f62 2007.1/x86_64/nss_wins-3.0.24-2.2mdv2007.1.x86_64.rpm
5d4a67c2df92af2c8ea27b5583e90862 2007.1/x86_64/samba-client-3.0.24-2.2mdv2007.1.x86_64.rpm
b79344c4f8b2fdad0cc201cfece51402 2007.1/x86_64/samba-common-3.0.24-2.2mdv2007.1.x86_64.rpm
cb576100d93054942f7b2451246c873c 2007.1/x86_64/samba-doc-3.0.24-2.2mdv2007.1.x86_64.rpm
53007b67f56550799239b3fb17f0a71a 2007.1/x86_64/samba-server-3.0.24-2.2mdv2007.1.x86_64.rpm
cc7ebaa88c88dc7d1903ed72cfe6dbe0 2007.1/x86_64/samba-smbldap-tools-3.0.24-2.2mdv2007.1.x86_64.rpm
ba3d1524f07c35c5cac0dbc2ff2f8fe7 2007.1/x86_64/samba-swat-3.0.24-2.2mdv2007.1.x86_64.rpm
a61531290699912b3bcd6d119e49af5a 2007.1/x86_64/samba-vscan-clamav-3.0.24-2.2mdv2007.1.x86_64.rpm
3ec8fd40efdd0355c3376a7f2b12bb7f 2007.1/x86_64/samba-vscan-icap-3.0.24-2.2mdv2007.1.x86_64.rpm
779e7ff7d9af28d3f738f7fc65b1b394 2007.1/x86_64/samba-winbind-3.0.24-2.2mdv2007.1.x86_64.rpm
1138acd0612b3e1c235cd8e4d5a0e154 2007.1/SRPMS/samba-3.0.24-2.2mdv2007.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGVOzqmqjQ0CJFipgRAtW5AKDaH6H9/e+8blA6CWIxQ6/ztdfjwwCgq1id
yNfTE1IaN5b+XGk4fbmBQCQ=
=8R4s
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists