lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NHMdJ-0008L9-65@titan.mandriva.com>
Date: Sun, 06 Dec 2009 20:19:01 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:320 ] samba


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:320
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : samba
 Date    : December 6, 2009
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in samba:
 
 The acl_group_override function in smbd/posix_acls.c in smbd in Samba
 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before
 3.3.6, when dos filemode is enabled, allows remote attackers to modify
 access control lists for files via vectors related to read access to
 uninitialized memory (CVE-2009-1888).
 
 The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows
 File Sharing is enabled, does not properly handle errors in resolving
 pathnames, which allows remote authenticated users to bypass intended
 sharing restrictions, and read, create, or modify files, in certain
 circumstances involving user accounts that lack home directories
 (CVE-2009-2813).
 
 smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8,
 and 3.4 before 3.4.2 allows remote authenticated users to cause a
 denial of service (infinite loop) via an unanticipated oplock break
 notification reply packet (CVE-2009-2906).
 
 mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before
 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root,
 does not properly enforce permissions, which allows local users to
 read part of the credentials file and obtain the password by specifying
 the path to the credentials file and using the --verbose or -v option
 (CVE-2009-2948).
 
 The version of samba shipping with Mandriva Linux 2008.0 has been
 updated to the latest version (3.0.37) that includes the fixes for
 these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
 http://www.samba.org/samba/security/CVE-2009-2813.html
 http://www.samba.org/samba/security/CVE-2009-2906.html
 http://www.samba.org/samba/security/CVE-2009-2948.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 dd63a83b66113c6868679d69c6465bc3  2008.0/i586/libsmbclient0-3.0.37-0.1mdv2008.0.i586.rpm
 93bfb74360ddc2dd279d4e2101f84fbc  2008.0/i586/libsmbclient0-devel-3.0.37-0.1mdv2008.0.i586.rpm
 321d998b7db0645174182d55ef20fcf7  2008.0/i586/libsmbclient0-static-devel-3.0.37-0.1mdv2008.0.i586.rpm
 be767601a25c3d2f7e3774a5389d4592  2008.0/i586/mount-cifs-3.0.37-0.1mdv2008.0.i586.rpm
 b907c06e94f80e049dcd70004f594c02  2008.0/i586/nss_wins-3.0.37-0.1mdv2008.0.i586.rpm
 917d9b433270264e4cf3b34f34d2321c  2008.0/i586/samba-client-3.0.37-0.1mdv2008.0.i586.rpm
 5708af3868e7285d8236438a86300f6b  2008.0/i586/samba-common-3.0.37-0.1mdv2008.0.i586.rpm
 ad4879729e556f3301081783bcaac490  2008.0/i586/samba-doc-3.0.37-0.1mdv2008.0.i586.rpm
 4e015a64b77bce05dfa3d867f050d012  2008.0/i586/samba-server-3.0.37-0.1mdv2008.0.i586.rpm
 d64cca7a719a74ec788a23fd312e3a99  2008.0/i586/samba-swat-3.0.37-0.1mdv2008.0.i586.rpm
 4e24335e02b04cc4c5bdd6ded27fdbe4  2008.0/i586/samba-vscan-icap-3.0.37-0.1mdv2008.0.i586.rpm
 c2db429ba1a00044a5e982737d1a182e  2008.0/i586/samba-winbind-3.0.37-0.1mdv2008.0.i586.rpm 
 3c440be2ff2004d3e3e79c30fd744991  2008.0/SRPMS/samba-3.0.37-0.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 11fd683e8881b23604d2087550abf530  2008.0/x86_64/lib64smbclient0-3.0.37-0.1mdv2008.0.x86_64.rpm
 64ecceaa599d680b8373efa8ad2a9d8d  2008.0/x86_64/lib64smbclient0-devel-3.0.37-0.1mdv2008.0.x86_64.rpm
 57d8e14a11103a828c3159173680ff9c  2008.0/x86_64/lib64smbclient0-static-devel-3.0.37-0.1mdv2008.0.x86_64.rpm
 0417912110787278d827193a39ba9e2e  2008.0/x86_64/mount-cifs-3.0.37-0.1mdv2008.0.x86_64.rpm
 142d13cb94cb2daba8d7db19b73bd5f8  2008.0/x86_64/nss_wins-3.0.37-0.1mdv2008.0.x86_64.rpm
 18e53c0c6376e59454d82e24df113e6b  2008.0/x86_64/samba-client-3.0.37-0.1mdv2008.0.x86_64.rpm
 4bc6e0d1b91696270ef591f700a96d10  2008.0/x86_64/samba-common-3.0.37-0.1mdv2008.0.x86_64.rpm
 7394ea34d00d1cc231d9755c553bb8c0  2008.0/x86_64/samba-doc-3.0.37-0.1mdv2008.0.x86_64.rpm
 d406df053249c2970cd180e4a1501d2d  2008.0/x86_64/samba-server-3.0.37-0.1mdv2008.0.x86_64.rpm
 34a7b8af585211e478e32182d7290f2b  2008.0/x86_64/samba-swat-3.0.37-0.1mdv2008.0.x86_64.rpm
 31fda5329b280c33c5ea5257af8ffb9e  2008.0/x86_64/samba-vscan-icap-3.0.37-0.1mdv2008.0.x86_64.rpm
 15e1b26b58908f28cf82d98f5f074304  2008.0/x86_64/samba-winbind-3.0.37-0.1mdv2008.0.x86_64.rpm 
 3c440be2ff2004d3e3e79c30fd744991  2008.0/SRPMS/samba-3.0.37-0.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLG9hWmqjQ0CJFipgRAkzjAJ9l9txmIdbMpLFLEDOsZAcRVotVYgCg4eWs
eY4frRg9jJHVk9bBK6TtUoI=
=AOrt
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ