[securityat_private: [slackware-security] Samba buffer overflow fixed]

From: White Vampire (whitevampireat_private)
Date: Sat Mar 29 2003 - 10:09:04 PST

  • Next message: Michal Zalewski: "[Full-Disclosure] Sendmail: -1 gone wild" 

    -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----- Forwarded message from Slackware Security Team <securityat_private> -----

Return-Path: <owner-slackware-securityat_private>
Delivered-To: whitvamp@localhost
Received: (qmail 18002 invoked from network); 25 Mar 2003 19:18:43 -0000
Received: from localhost (127.0.0.1)
  by localhost with SMTP; 25 Mar 2003 19:18:43 -0000
Delivered-To: vampwhitat_private
Received: from mail102.csoft.net [63.111.26.110]
	by localhost with POP3 (fetchmail-5.8.3)
	for whitvamp@localhost (single-drop); Tue, 25 Mar 2003 14:18:43 -0500 (EST)
Received: (qmail 7867 invoked from network); 16 Mar 2003 00:25:11 -0000
Received: from unknown (HELO mta1-3.us4.outblaze.com) (205.158.62.44)
  by mail102.csoft.net with SMTP; 16 Mar 2003 00:25:11 -0000
Received: from spf12.us4.outblaze.com (205-158-62-36.outblaze.com [205.158.62.36])
	by mta1-3.us4.outblaze.com (Postfix) with ESMTP id 55B766ECCB4
	for <vampwhitat_private>; Sun, 16 Mar 2003 00:21:13 +0000 (GMT)
Received: from spf8.us4.outblaze.com (205-158-62-35.outblaze.com [205.158.62.35])
	by spf12.us4.outblaze.com (Postfix) with ESMTP id 3D9BA58036
	for <whitevampireat_private>; Sun, 16 Mar 2003 00:16:13 +0000 (GMT)
Received: from bob.slackware.com (slackware.com [64.57.102.34])
	by spf8.us4.outblaze.com (8.12.8/8.12.7) with ESMTP id h2G0LCQu012305
	for <whitevampireat_private>; Sun, 16 Mar 2003 00:21:12 GMT
Received: (from daemon@localhost)
	by bob.slackware.com (8.11.6/8.11.6) id h2FMtNZ04882
	for slackware-security-outgoing; Sat, 15 Mar 2003 14:55:23 -0800
Received: from localhost (security@localhost)
	by bob.slackware.com (8.11.6/8.11.6) with ESMTP id h2FMtM704879
	for <slackware-securityat_private>; Sat, 15 Mar 2003 14:55:22 -0800
Date: Sat, 15 Mar 2003 14:55:22 -0800 (PST)
From: Slackware Security Team <securityat_private>
To: slackware-securityat_private
Subject: [slackware-security]  Samba buffer overflow fixed
Message-ID: <Pine.LNX.4.21.0303151454380.4864-100000at_private>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-slackware-securityat_private
Precedence: bulk
Reply-To: Slackware Security Team <securityat_private>


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  Samba buffer overflow fixed

The samba packages in Slackware 8.1 and -current have been patched to fix
a security problem.  All sites running samba should upgrade.  


Here are the details from the Slackware 8.1 ChangeLog:
+--------------------------+
Sat Mar 15 13:49:04 PST 2003
patches/packages/samba-2.2.8-i386-1.tgz:  Upgraded to Samba 2.2.8.

  From the Samba web site:

     * (14th Mar, 2003) Security Release - Samba 2.2.8

     A flaw has been detected in the Samba main smbd code which
     could allow an external attacker to remotely and anonymously
     gain Super User (root) privileges on a server running a
     Samba server. This flaw exists in previous versions of Samba
     from 2.0.x to 2.2.7a inclusive. This is a serious problem
     and all sites should either upgrade to Samba 2.2.8
     immediately or prohibit access to TCP ports 139 and 445.

(* Security fix *)
+--------------------------+

More information may be found in the Samba release notes.



WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated Samba package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/samba-2.2.8-i386-1.tgz

Updated Samba package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-2.2.8-i386-1.tgz



MD5 SIGNATURES:
+-------------+

Here are the md5sums for the packages:

Slackware 8.1 package:
be4bee0ed2c50e9313150843e41b09ad  samba-2.2.8-i386-1.tgz

Slackware -current package:
940d26d3f74763524976a61f44637b22  samba-2.2.8-i386-1.tgz



INSTALLATION INSTRUCTIONS:
+------------------------+

As root, upgrade the samba package(s) with upgradepkg:

upgradepkg samba-2.2.8-i386-1.tgz

Then, restart samba:

/etc/rc.d/rc.samba restart



+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
securityat_private

+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomoat_private with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+c6CcakRjwEAQIjMRAksxAJ4jbhqBtqRD2FqGIx5bVFg8isApwwCfSO2C
VZ9TRhF307P8DfFZn6jo4f4=
=V9F1
- -----END PGP SIGNATURE-----



- ----- End forwarded message -----

- -- 
\   | \  /  White Vampire\Rem                |  http://gammaforce.org/
 \|\|  \/   whitevampireat_private        |  http://gammagear.com/
"Silly hacker, root is for administrators."  |  http://webfringe.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)

iD8DBQE+heFA3+rxmnEDyl8RAqv9AJ0RmzsMAB5ceihz9SO594A/BHo+vQCfe99d
QKPR5TuS7rEgagv4UpwecQk=
=SRoG
-----END PGP SIGNATURE-----

    This archive was generated by hypermail 2b30 : Sat Mar 29 2003 - 12:32:37 PST