TSLSA-2001-0011 - Samba

From: Trustix Secure Linux Advisor (tslat_private)
Date: Wed Jun 27 2001 - 06:14:02 PDT

    --------------------------------------------------------------------------
    Trustix Secure Linux Security Advisory #2001-0011
    
    Package name:      Samba
    Severity:          Possible root exploit
    Date:              2001-06-27
    Affected versions: TSL 1.01, 1.1, 1.2
    
    --------------------------------------------------------------------------
    
    Problem description:
      From the Samba Advisory:
        A serious security hole has been discovered in all versions of Samba
        that allows an attacker to gain root access on the target machine for
        certain types of common Samba configuration.
    
        A remote attacker can use a netbios name containing unix path
        characters which will then be substituted into the %m macro wherever
        it occurs in smb.conf. This can be used to cause Samba to create a log
        file on top of an important system file, which in turn can be used to
        compromise security on the server.
    
      Note that the default TSL configuration prevents this from being
      exploited, but we feel that you should update nonetheless.
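As an added illustration (not part of the Trustix or Samba advisory), the following Python script parses an smb.conf and flags path-valued directives whose value expands the client-controlled %m macro, which is the configuration pattern the advisory describes. The directive list and both sample configurations are constructed for this example.

```python
import re

# Samba directives whose value is a filesystem path. If the client-controlled
# %m (NetBIOS name) macro appears in one of these, the client influences where
# smbd creates or opens files. The list is a constructed selection, not exhaustive.
PATH_DIRECTIVES = {"log file", "include", "path", "lock directory",
                   "pid directory", "config file", "smb passwd file"}


def parse_smb_conf(text):
    """Return (section, key, value) tuples; comments and blank lines are skipped."""
    section = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        header = re.match(r"\[(.+)\]$", line)
        if header:
            section = header.group(1).strip()
            continue
        if "=" in line:
            key, _, value = line.partition("=")
            entries.append((section, key.strip().lower(), value.strip()))
    return entries


def find_risky_macros(text):
    """Return path directives whose value expands the client-controlled %m macro."""
    return [(s, k, v) for s, k, v in parse_smb_conf(text)
            if k in PATH_DIRECTIVES and "%m" in v]


# Constructed sample: per-client log files named after the NetBIOS name.
SAMPLE_CONF = """
[global]
   workgroup = OFFICE
   ; one log per client machine
   log file = /var/log/samba/log.%m
   max log size = 50

[homes]
   comment = Home Directories
   browseable = no
"""

# Constructed sample of the same configuration without %m in any path.
SAFE_CONF = SAMPLE_CONF.replace("log.%m", "log.smbd")

if __name__ == "__main__":
    for section, key, value in find_risky_macros(SAMPLE_CONF):
        print(f"[{section}] {key} = {value}  <- client-controlled %m in a path")
```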
    
    Action:
      We recommend that all systems with this package installed be upgraded.
    
    
    Location:
      All TSL updates are available from
      <URI:http://www.trustix.net/pub/Trustix/updates/>
      <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>
    
    
    Automatic updates:
      Users of the SWUP tool can have updates installed automatically
      using 'swup --upgrade'.
      Note that kernel packages are not normally fit to be upgraded this way
      and are therefore excluded in the default configuration.
    
      Get SWUP from:
      <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>
    
    
    Questions?
      Check out our mailing lists:
      <URI:http://www.trustix.net/support/>
    
    
    Verification:
      This advisory, along with all TSL packages, is signed with the TSL signing key.
      This key is available from:
      <URI:http://www.trustix.net/TSL-GPG-KEY>
    
      The advisory itself is available from the errata page at
      <URI:http://www.trustix.net/errata/trustix-1.2/>
      or directly at
      <URI:http://www.trustix.net/errata/misc/2001/TSL-2001-0011-samba.asc.txt>
    
    MD5sums of the packages:
    
    
    Trustix Security Team


