-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: Linux - samba /tmp problems
Advisory number: CSSA-2001-018.1
Issue date: 2001 May, 18
Last change: 2001 June, 26
Cross reference: CSSA-2001-015.0
______________________________________________________________________________
1. Problem Description
The previous Samba update fixed several places within the
samba server code that allowed local attackers to gain root
access.
Unfortunately the patch used was slightly incorrect and did not
fix the problem completely.
The Samba 2.0.9 release fixes this problem, this security
update backports it to our released Samba packages.
This additional CSSA releases fixed packages for the OpenLinux
3.1 series of products.
2. Vulnerable Versions
System Package
-----------------------------------------------------------
OpenLinux 2.3 All packages previous to
samba-2.0.5-3
OpenLinux eServer 2.3.1 All packages previous to
and OpenLinux eBuilder samba-2.0.5-3S
OpenLinux eDesktop 2.4 All packages previous to
samba-2.0.6-4
OpenLinux 3.1 Server All packages previous to
samba-2.0.9-1
OpenLinux 3.1 Workstation All packages previous to
samba-2.0.9-1
3. Solution
Workaround
none
The proper solution is to upgrade to the latest packages.
4. OpenLinux 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
6538311492da60de2fd81e4579c786af RPMS/samba-2.0.5-3.i386.rpm
098d66faee2cc1c50921f39dcd473aa2 RPMS/samba-doc-2.0.5-3.i386.rpm
fd564ec85358666bcfb5b691bd86f416 RPMS/smbfs-2.0.5-3.i386.rpm
111c64faf3524930b6c648beba2a7e62 RPMS/swat-2.0.5-3.i386.rpm
8fb09b8512aee8d5164d5fa9abef8205 SRPMS/samba-2.0.5-3.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fhv s*.i386.rpm
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
39cc6ebd5216649346a7091395aee135 RPMS/samba-2.0.5-3S.i386.rpm
b4278e491326d4ce3a7b81d017872bce RPMS/samba-doc-2.0.5-3S.i386.rpm
d3b59dfa2a365a6c0a13d580164f8b58 RPMS/smbfs-2.0.5-3S.i386.rpm
cef24c9d65a9365ccec3753828c5c945 RPMS/swat-2.0.5-3S.i386.rpm
e35e8e614a4d5f597b5f9a764162778d SRPMS/samba-2.0.5-3S.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh s*i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
1ff64fd57d531816037ac1c1d18b6abd RPMS/samba-2.0.6-4.i386.rpm
cdb3f575cbbc503699bf71e53354e382 RPMS/samba-doc-2.0.6-4.i386.rpm
e7b7c7eb3b1ad3a80f45904607488eec RPMS/smbfs-2.0.6-4.i386.rpm
3d1b49c60f4359b0ee95dd5457f72ccf RPMS/swat-2.0.6-4.i386.rpm
b7ec58e0edc4217b2c8f19f3edb3de95 SRPMS/samba-2.0.6-4.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh s*i386.rpm
7. OpenLinux 3.1 Server
7.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
7.2 Verification
e7c8db2cc3bfae03b5aba9fc9df595b5 RPMS/samba-2.0.9-1.i386.rpm
b2c321bc2662ed5a35738a8cbde612bd RPMS/samba-doc-2.0.9-1.i386.rpm
166ba51b4da417bda080ca8fbecf5fda RPMS/smbfs-2.0.9-1.i386.rpm
b3c5fd3f03c244b21942b2e4fb32f044 RPMS/swat-2.0.9-1.i386.rpm
8cf2bd7ab81c83bb15808a9c58e7383c SRPMS/samba-2.0.9-1.src.rpm
7.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh s*i386.rpm
or start kcupdate, the Caldera OpenLinux Update Manager
8. OpenLinux 3.1 Workstation
8.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS
8.2 Verification
e7c8db2cc3bfae03b5aba9fc9df595b5 RPMS/samba-2.0.9-1.i386.rpm
b2c321bc2662ed5a35738a8cbde612bd RPMS/samba-doc-2.0.9-1.i386.rpm
166ba51b4da417bda080ca8fbecf5fda RPMS/smbfs-2.0.9-1.i386.rpm
b3c5fd3f03c244b21942b2e4fb32f044 RPMS/swat-2.0.9-1.i386.rpm
8cf2bd7ab81c83bb15808a9c58e7383c SRPMS/samba-2.0.9-1.src.rpm
8.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh s*i386.rpm
or start kcupdate, the Caldera OpenLinux Update Manager
9. References
This and other Caldera security resources are located at:
http://www.caldera.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 9736.
10.Disclaimer
Caldera International, Inc. is not responsible for the misuse of
any of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera International
products.
11.Acknowledgements:
Caldera International wishes to thank the Samba Team for spotting and
fixing this problem.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7OFXk18sy83A/qfwRApNnAKCVsyfb//eq6psoPy/0JPKKozSRmQCeNu4b
u0BmR6q7JZESKe+NX6GzrSM=
=Z6vG
-----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Wed Jun 27 2001 - 12:12:54 PDT