[<prev] [next>] [day] [month] [year] [list]
Message-id: <E1IvhdR-0002bN-56@artemis.annvix.ca>
Date: Fri, 23 Nov 2007 16:08:33 -0700
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2007:224-2 ] - Updated samba packages fix
vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:224-2
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : November 23, 2007
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
The samba developers discovered that nmbd could be made to overrun a
buffer during the processing of GETDC logon server requests. If samba
is configured as a Primary or Backup Domain Controller, this could
be used by a remote attacker to send malicious logon requests and
possibly cause a denial of service (CVE-2007-4572).
As well, Alin Rad Pop of Secunia Research found that nmbd did not
properly check the length of netbios packets. If samba is configured
as a WINS server, this could be used by a remote attacker able to
send multiple crafted requests to nmbd, resulting in the execution
of arbitrary code with root privileges (CVE-2007-5398).
Update:
The update packages on Corporate Server 4.0 resulted in the nmbd daemon
crashing at startup. This update provides a newer version of samba
(3.0.23d) that does not exhibit this behaviour.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
https://bugzilla.samba.org/show_bug.cgi?id=5087
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
41c2b0ec626a62d4636469f0a4abc122 corporate/4.0/i586/libsmbclient0-3.0.23d-2.5.20060mlcs4.i586.rpm
b2380f5bb41f43b140f712d2779c464b corporate/4.0/i586/libsmbclient0-devel-3.0.23d-2.5.20060mlcs4.i586.rpm
de0444838b89e9c131f6b0a4621e2e2f corporate/4.0/i586/libsmbclient0-static-devel-3.0.23d-2.5.20060mlcs4.i586.rpm
b873f3f0abfb534032b3af386e93d140 corporate/4.0/i586/mount-cifs-3.0.23d-2.5.20060mlcs4.i586.rpm
a19c2bcee8113213eb4604e5c0332911 corporate/4.0/i586/nss_wins-3.0.23d-2.5.20060mlcs4.i586.rpm
50b566c72bd6271192a7941ad59a7cb0 corporate/4.0/i586/samba-client-3.0.23d-2.5.20060mlcs4.i586.rpm
2dff89b3d6a67a01c6cafea248eb71d5 corporate/4.0/i586/samba-common-3.0.23d-2.5.20060mlcs4.i586.rpm
0bf0b632e3fc568419c97c1877f6bc4c corporate/4.0/i586/samba-doc-3.0.23d-2.5.20060mlcs4.i586.rpm
23c27abc018ae65533908a1baca2c0c7 corporate/4.0/i586/samba-server-3.0.23d-2.5.20060mlcs4.i586.rpm
60b7b583274f43499c3bdf3559aa302f corporate/4.0/i586/samba-smbldap-tools-3.0.23d-2.5.20060mlcs4.i586.rpm
5c9056e048d98cb58e8a35894c736276 corporate/4.0/i586/samba-swat-3.0.23d-2.5.20060mlcs4.i586.rpm
da5beb0046cd83d9933ea831b5e9c438 corporate/4.0/i586/samba-vscan-clamav-3.0.23d-2.5.20060mlcs4.i586.rpm
e0249c1674d0522193c3e70202435320 corporate/4.0/i586/samba-vscan-icap-3.0.23d-2.5.20060mlcs4.i586.rpm
796fedbfd45837999675bb5b4045235d corporate/4.0/i586/samba-winbind-3.0.23d-2.5.20060mlcs4.i586.rpm
5f40353a213e2bebebf371c72ddfe2b1 corporate/4.0/SRPMS/samba-3.0.23d-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
c9c0d5dcb254f6305600bb02eb0e3b18 corporate/4.0/x86_64/lib64smbclient0-3.0.23d-2.5.20060mlcs4.x86_64.rpm
09be16e2d1ea685279c37eeff6a90e0b corporate/4.0/x86_64/lib64smbclient0-devel-3.0.23d-2.5.20060mlcs4.x86_64.rpm
5e94d4196f379cfec358ed1b736b03bc corporate/4.0/x86_64/lib64smbclient0-static-devel-3.0.23d-2.5.20060mlcs4.x86_64.rpm
088f9e80ba87e192b8737bee83dac91a corporate/4.0/x86_64/mount-cifs-3.0.23d-2.5.20060mlcs4.x86_64.rpm
27a9ed71a0c76a375fc5e1120296d341 corporate/4.0/x86_64/nss_wins-3.0.23d-2.5.20060mlcs4.x86_64.rpm
9753f110549bd52f3bd84726318dc9ec corporate/4.0/x86_64/samba-client-3.0.23d-2.5.20060mlcs4.x86_64.rpm
11d1dce709be01ed76536298ad85885b corporate/4.0/x86_64/samba-common-3.0.23d-2.5.20060mlcs4.x86_64.rpm
6b282e5e806ac2d0d6f1562552fc73fa corporate/4.0/x86_64/samba-doc-3.0.23d-2.5.20060mlcs4.x86_64.rpm
c758477f5625979ae3068440c7abacb0 corporate/4.0/x86_64/samba-server-3.0.23d-2.5.20060mlcs4.x86_64.rpm
ffb25096a90df95d53130b2fa34a3163 corporate/4.0/x86_64/samba-smbldap-tools-3.0.23d-2.5.20060mlcs4.x86_64.rpm
0f6ead84c3367e6e5137e03318adccbf corporate/4.0/x86_64/samba-swat-3.0.23d-2.5.20060mlcs4.x86_64.rpm
93bf12146ec482a77a8ed3275a9dab36 corporate/4.0/x86_64/samba-vscan-clamav-3.0.23d-2.5.20060mlcs4.x86_64.rpm
664e2ce74d16bdced6d54e14d93b8fa2 corporate/4.0/x86_64/samba-vscan-icap-3.0.23d-2.5.20060mlcs4.x86_64.rpm
1e1807df9dafdd4492f73f09cca5aff4 corporate/4.0/x86_64/samba-winbind-3.0.23d-2.5.20060mlcs4.x86_64.rpm
5f40353a213e2bebebf371c72ddfe2b1 corporate/4.0/SRPMS/samba-3.0.23d-2.5.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHRzKvmqjQ0CJFipgRAs5EAKCJQk0THNKipbkmLa9g8V7YqzQCqgCgyUng
oxNUAyTf1Yb0f1iysqfTW+s=
=7bX7
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists