The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-680-1] Samba vulnerability


<< Previous INDEX Search src / Print Next >>
Subject: [USN-680-1] Samba vulnerability
From: Marc Deslauriers <marc.deslauriers@canonical.com.>
To: [email protected]
Cc: "[email protected]" <bugtraq@securityfocus.com.>,
        [email protected]
X-Original-To: [email protected]
X-Mailcontrol-Inbound: 
 uq3drnD2P+ps5SfEb0fvr78+NoP1DHBZwGqKpaXB2eTgNv8D6KLIxb8+NoP1DHBZ8VSaBg0k0xw=
X-Spam-Score: -8.2
X-Scanned-By: MailControl A_08_51_00 (www.mailcontrol.com) on 10.74.0.140
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-ATOrbRjUE+KJweMWF8u2"
Date: Thu, 27 Nov 2008 09:22:56 -0500
Message-Id: <1227795776.7497.25.camel@mdlinux.technorage.com.>
Mime-Version: 1.0
X-Mailer: Evolution 2.24.1 
X-Virus-Scanned: antivirus-gw at tyumen.ru


--=-ATOrbRjUE+KJweMWF8u2
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-680-1          November 27, 2008
samba vulnerability
CVE-2008-4314
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  samba                           2:3.2.3-1ubuntu3.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Samba did not properly perform bounds checking
in certain operations. A remote attacker could possibly exploit this to
read arbitrary memory contents of the smb process, which could contain
sensitive infomation or possibly have other impacts, such as a denial of
service.


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.3.diff.gz
      Size/MD5:   228354 f83899fe1c0310461296b328ad6bfd8a
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.3.dsc
      Size/MD5:     1902 bddef52582baae072593399147119e19
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3.orig.ta=
r.gz
      Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.2.3=
-1ubuntu3.3_all.deb
      Size/MD5:  6261250 3cba32a86b765dfea7077fa0ef8a3672
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.2.3-1ub=
untu3.3_all.deb
      Size/MD5:  7954632 af31dc4ce959b1a05be7944262bb460a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.=
3-1ubuntu3.3_amd64.deb
      Size/MD5:   638612 859812590427a224dec70dc759d818c3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1968518 6ab7366368c73cb7f946a28e1d20ad2c
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-=
1ubuntu3.3_amd64.deb
      Size/MD5:  1370096 9582a74126b77e3f869f42e5c0379e6f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-=
1ubuntu3.3_amd64.deb
      Size/MD5:    88960 23c38ec3c526226430c1173f5c50ac47
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-=
1ubuntu3.3_amd64.deb
      Size/MD5:  3815516 e3c4879c048360a4daa5abccd509d029
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ub=
untu3.3_amd64.deb
      Size/MD5:  1993296 0abd10cc0387017d20dfadfa24f190fd
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1=
ubuntu3.3_amd64.deb
      Size/MD5:  5802316 417b6dca7b8e975b3acac82e4c58bf14
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.3_amd64.deb
      Size/MD5:  4908438 1f5a980c1c5d2f9d88ea3094299f5387
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ub=
untu3.3_amd64.deb
      Size/MD5:  7173420 abba71e4d522228c21dc69192ab3cd54
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu=
3.3_amd64.deb
      Size/MD5:  1529316 51431c5d7a5f197af8afcc09517a399d
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3=
.3_amd64.deb
      Size/MD5:  1112612 7cd0400093eb599cba999997ed5fae88
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubun=
tu3.3_amd64.deb
      Size/MD5:  3349842 f7d99beef190cf414929348909a804df

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.=
3-1ubuntu3.3_i386.deb
      Size/MD5:   573952 859f986a3de794cf5ed27dd389ee5af4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
2.3-1ubuntu3.3_i386.deb
      Size/MD5:  1844424 30c0faf257433a05bfb52b9bea4865e3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-=
1ubuntu3.3_i386.deb
      Size/MD5:  1217612 a5a83d72421dbb1515664ede686c12b0
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-=
1ubuntu3.3_i386.deb
      Size/MD5:    87500 fd76021d354c819a59785feccc4d33ea
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-=
1ubuntu3.3_i386.deb
      Size/MD5:  3459318 afe074065bb487232a2225bef9b190e3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ub=
untu3.3_i386.deb
      Size/MD5:  2077272 acf1cad8b773d7ad2a72491c8d4422af
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1=
ubuntu3.3_i386.deb
      Size/MD5:  5161222 28214840e0f4335658d203c8746a6f94
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.3_i386.deb
      Size/MD5:  4368894 1bf3bef3fbe5b302ec646a00d1c06bfe
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ub=
untu3.3_i386.deb
      Size/MD5:  6402702 d9e0653f05f4ec133e52560ee6f50946
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu=
3.3_i386.deb
      Size/MD5:  1375852 8a134dc464ab4ffed997918f6b3206be
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3=
.3_i386.deb
      Size/MD5:  1006506 02f42b331a7fb36a0642a37cb1fe68b3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubun=
tu3.3_i386.deb
      Size/MD5:  2975264 11b04715205be1568369645b83e33636

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.3_lpia.deb
      Size/MD5:   553626 f5c3dce8e75a3b2830c0060286302d16
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.3_lpia.deb
      Size/MD5:  1769074 0982655253fa1150bc65aee04d3e8dde
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3=
_lpia.deb
      Size/MD5:  1160830 e9a8e86dd90a0002ccb11e4edba9361a
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3=
_lpia.deb
      Size/MD5:    86950 5820ad4178a4bcc540b450dc04a22249
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3=
_lpia.deb
      Size/MD5:  3328568 b2b7ad364090ad386190585312866a26
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_lp=
ia.deb
      Size/MD5:  2069634 1b7c75e44b5fc2e493e588973070437d
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_=
lpia.deb
      Size/MD5:  4949830 c8521b495f15ed0bff9adbc14d60048c
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_lpia.d=
eb
      Size/MD5:  4197320 3f8e36ba5e4b1eea985592e29899b363
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_lp=
ia.deb
      Size/MD5:  6136768 72a65ce1b83ea7d47577bc6d5e0a2eda
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_lpia.d=
eb
      Size/MD5:  1317110 321bdeeb2b86304c127808ea96ec1c5a
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_lpia.de=
b
      Size/MD5:   968290 4727bed25a79e31cad479372e2fc7642
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_lpia=
.deb
      Size/MD5:  2855842 fc0f25c386587abc402bbf21641c6d59

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.3_powerpc.deb
      Size/MD5:   606438 02c15552b12b7628b0b2aaf1489d639c
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.3_powerpc.deb
      Size/MD5:  1730286 81ec2b2edd4b2bc80b0ef2840cb0a7d8
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3=
_powerpc.deb
      Size/MD5:  1255004 e01291af6798ff5c11a64b9787e8fdfc
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3=
_powerpc.deb
      Size/MD5:    88902 14c7c4184eb595364872552e92969a68
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3=
_powerpc.deb
      Size/MD5:  3600158 08f75422765fc166c3b52d76e3ee3975
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_po=
werpc.deb
      Size/MD5:  2058508 98110429e0addce3671bc3752687765b
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_=
powerpc.deb
      Size/MD5:  5474700 fedc748ab8921bcab6a8c43f32dc1155
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_powerp=
c.deb
      Size/MD5:  4639906 0a9141a34e4e7b4562ac9ac377b6f346
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_po=
werpc.deb
      Size/MD5:  6653490 030bbc895d8cd8d6c7a77362d46cbf11
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_powerp=
c.deb
      Size/MD5:  1417392 3a8a72968d94cd30997d9e7df003e4a0
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_powerpc=
.deb
      Size/MD5:  1046090 e9e435264613362d54c3992811163638
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_powe=
rpc.deb
      Size/MD5:  3122962 5796717921a7f8fc6ed4953f0060164f

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.3_sparc.deb
      Size/MD5:   592598 f16838642c3e5671ae85740b83872e3c
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.3_sparc.deb
      Size/MD5:  2008144 aa0f3ceb8e34e4563c799e04d91503b5
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3=
_sparc.deb
      Size/MD5:  1215988 3377b235769c891b5ad54ec0a92cc0e9
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3=
_sparc.deb
      Size/MD5:    87522 3ece3744e0724f32a9944f42f2e6ef74
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3=
_sparc.deb
      Size/MD5:  3501358 fd3fcb79e4510295ca1e60e5d988143e
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_sp=
arc.deb
      Size/MD5:  2007530 f70762bdf8e0d52ef368591208b3ed15
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_=
sparc.deb
      Size/MD5:  5327728 863297237833a73d8de68ab2f17d044b
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_sparc.=
deb
      Size/MD5:  4502036 47a9306d4265522b980ae835fd711697
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_sp=
arc.deb
      Size/MD5:  6448006 8aeae36c0d511196a6bbbe3bfcf78370
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_sparc.=
deb
      Size/MD5:  1371010 777c03deb6f03eb87a500b95af21a5c6
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_sparc.d=
eb
      Size/MD5:  1019660 95a8a0591ba092a066ce2789644ed538
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_spar=
c.deb
      Size/MD5:  3028816 eaae5c19dff7595cdc553106879621c7



--=-ATOrbRjUE+KJweMWF8u2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkkurT0ACgkQLMAs/0C4zNprAwCfS9EmSnn7rED11SKj4TF9gu+r
1bAAoL+/Aaazb+9XscnLWTpDsO1Yj+TM
=WrIZ
-----END PGP SIGNATURE-----

--=-ATOrbRjUE+KJweMWF8u2--



<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру