[Immunix-announce] Immunix Secured OS 7+ samba update

From: Immunix Security Team (securityat_private)
Date: Mon Mar 31 2003 - 17:48:23 PST


    -----------------------------------------------------------------------
    	Immunix Secured OS Security Advisory
    
    Packages updated:	samba
    Affected products:	ImmunixOS 6.2, 7.0, 7+
    Bugs fixed:		CAN-2003-0085
    Date:			Mon Mar 31 2003
    Advisory ID:		IMNX-2003-7+-003-01
    Author:			Seth Arnold <sarnoldat_private>
    -----------------------------------------------------------------------
    
    Description:
      Quoting from the Samba security advisory:
        The SuSE security audit team, in particular Sebastian Krahmer
        <krahmerat_private>, has found a flaw in the Samba main smbd code
        which could allow an external attacker to remotely and anonymously
        gain Super User (root) privileges on a server running a Samba server.
      In more detail:
        A buffer overrun condition exists in the SMB/CIFS packet fragment
        re-assembly code in smbd which would allow an attacker to cause smbd
        to overwrite arbitrary areas of memory in its own process address
        space. This could allow a skilled attacker to inject binary specific
        exploit code into smbd.
      The patch was prepared by "Jeremy Allison and reviewed by engineers
      from the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor
      engineers on the Linux Vendor security mailing list."
    
      We would like to thank Jay Fenlason at Red Hat for separating the
      security-critical portions of the patch apart from the rest of the
      Samba-supplied fix.
    
      References: http://us1.samba.org/samba/whatsnew/samba-2.2.8.html
    
    
    Package names and locations:
      Precompiled binary packages for Immunix 7+ are available at:
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-2.0.10-2_imnx_2.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-client-2.0.10-2_imnx_2.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-common-2.0.10-2_imnx_2.i386.rpm
    
    Immunix OS 7+ md5sums:
      a74de332ef912b659dee405e996682b9  samba-2.0.10-2_imnx_2.i386.rpm
      0ea784704399dd90280766d378cbf410  samba-client-2.0.10-2_imnx_2.i386.rpm
      2c206898ffed86f63eb1c96bf8b542c2  samba-common-2.0.10-2_imnx_2.i386.rpm
    
    
    GPG verification:
      Our public key is available at <http://wirex.com/security/GPG_KEY>.
    
    NOTE:
      Ibiblio is graciously mirroring our updates, so if the links above are
      slow, please try:
        ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
      or one of the many mirrors available at:
        http://www.ibiblio.org/pub/Linux/MIRRORS.html
    
      ImmunixOS 6.2 is no longer officially supported.
      ImmunixOS 7.0 is no longer officially supported.
    
    Contact information:
      To report vulnerabilities, please contact securityat_private. WireX
      attempts to conform to the RFP vulnerability disclosure protocol
      <http://www.wiretrip.net/rfp/policy.html>.
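
The advisory attributes the flaw to a buffer overrun in packet fragment re-assembly. The C below is an added illustration of the bounds checks that class of code needs; it is not code from Samba, the patch, or Immunix. `struct reasm`, `REASM_CAP` and the function names are hypothetical, and the in-order-only fragment policy is an assumption made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REASM_CAP 4096            /* hypothetical fixed reassembly buffer size */

struct reasm {                    /* hypothetical state, not Samba's structure */
    uint8_t buf[REASM_CAP];
    size_t  total;                /* length announced for the whole message */
    size_t  received;             /* bytes copied so far; always <= total */
};

/* Start a message. The announced total is untrusted: refuse anything
 * that does not fit the buffer instead of trusting it later. */
int reasm_begin(struct reasm *r, size_t total)
{
    if (total == 0 || total > sizeof r->buf)
        return -1;
    memset(r, 0, sizeof *r);
    r->total = total;
    return 0;
}

/* Copy one fragment; offset and len are untrusted. Fragments must arrive
 * in order, which also rejects overlaps and gaps. The length is compared
 * with the space left (total - received), so a huge len cannot wrap the
 * arithmetic the way a test on "offset + len" could. */
int reasm_add(struct reasm *r, size_t offset, const uint8_t *data, size_t len)
{
    if (offset != r->received || len > r->total - r->received)
        return -1;
    memcpy(r->buf + offset, data, len);
    r->received += len;
    return 0;
}

int reasm_complete(const struct reasm *r) { return r->received == r->total; }

int main(void)
{
    static struct reasm r;
    const uint8_t frag[8] = {1, 2, 3, 4, 5, 6, 7, 8};   /* constructed data */

    reasm_begin(&r, 8);
    printf("first half:  %d\n", reasm_add(&r, 0, frag, 4));
    printf("oversized:   %d\n", reasm_add(&r, 4, frag, 5));
    printf("second half: %d\n", reasm_add(&r, 4, frag + 4, 4));
    printf("complete:    %d\n", reasm_complete(&r));
    return 0;
}
```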
    
    
    
