-----------------------------------------------------------------------
Immunix Secured OS Security Advisory
Packages updated: samba
Affected products: ImmunixOS 6.2, 7.0, 7+
Bugs fixed: CAN-2003-0085
Date: Mon Mar 31 2003
Advisory ID: IMNX-2003-7+-003-01
Author: Seth Arnold <sarnoldat_private>
-----------------------------------------------------------------------
Description:
Quoting from the Samba security advisory:
The SuSE security audit team, in particular Sebastian Krahmer
<krahmerat_private>, has found a flaw in the Samba main smbd code
which could allow an external attacker to remotely and anonymously
gain Super User (root) privileges on a server running a Samba server.
in more detail:
A buffer overrun condition exists in the SMB/CIFS packet fragment
re-assembly code in smbd which would allow an attacker to cause smbd
to overwrite arbitrary areas of memory in its own process address
space. This could allow a skilled attacker to inject binary specific
exploit code into smbd.
The patch was prepared by "Jeremy Allison and reviewed by engineers
from the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor
engineers on the Linux Vendor security mailing list."
We would like to thank Jay Fenlason at Red Hat for separating the
security-critical portions of the patch apart from the rest of the
Samba-supplied fix.
References: http://us1.samba.org/samba/whatsnew/samba-2.2.8.html
Package names and locations:
Precompiled binary packages for Immunix 7+ are available at:
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-2.0.10-2_imnx_2.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-client-2.0.10-2_imnx_2.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/samba-common-2.0.10-2_imnx_2.i386.rpm
Immunix OS 7+ md5sums:
a74de332ef912b659dee405e996682b9 samba-2.0.10-2_imnx_2.i386.rpm
0ea784704399dd90280766d378cbf410 samba-client-2.0.10-2_imnx_2.i386.rpm
2c206898ffed86f63eb1c96bf8b542c2 samba-common-2.0.10-2_imnx_2.i386.rpm
GPG verification:
Our public key is available at <http://wirex.com/security/GPG_KEY>.
NOTE:
Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
http://www.ibiblio.org/pub/Linux/MIRRORS.html
ImmunixOS 6.2 is no longer officially supported.
ImmunixOS 7.0 is no longer officially supported.
Contact information:
To report vulnerabilities, please contact securityat_private WireX
attempts to conform to the RFP vulnerability disclosure protocol
<http://www.wiretrip.net/rfp/policy.html>.
This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 20:40:16 PST