-----BEGIN PGP SIGNED MESSAGE----- Subject: Caldera Security Advisory SA-1997.24: Vulnerability in Samba Caldera Security Advisory SA-1997.24 Original report date: 27-Sep-1997 RPM build date: 01-Oct-1997 Advisory issue date: 07-Oct-1997 Last update: 17-Dec-1997 Topic: Vulnerability in the Samba package I. Problem Description The Samba server had a buffer overflow problem that had various security related exploit possibilities. Details of the exploit had been made available on the Internet via the BUGTRAQ email list. II. Impact The samba-1.9.16p7-1 package distributed on the following OpenLinux releases are vulnerable: Lite 1.1 Base 1.1 Standard 1.1 This new Samba server has been found to function properly on all of the releases shown above. III. Solution Install the new samba-1.9.17p2-1 package, as described below. Both source and binary packages are located on Caldera's FTP server (ftp.caldera.com): Binary files can be obtained at: ftp://ftp.caldera.com/pub/openlinux/updates/1.1/current/RPMS Source files can be obtained at: ftp://ftp.caldera.com/pub/openlinux/updates/1.1/current/SRPMS To install the update on any OpenLinux 1.1 release use the following commands: /etc/rc.d/init.d/smb stop rpm -U RPMS/samba-1.9.17p2-1.i386.rpm mv /etc/smb.conf.rpmsave /etc/smb.conf The next step in the installation is to run lisa: lisa --daemons Scroll down to the entry reading "SMB server processes (Samba)" Mark this line using the space bar.(This toggles the state of the ONBOOT variable in /etc/sysconf/daemons/smb.) Exit the dialog by selecting the continue button and start samba. Samba will start when the machine is rebooted or can be started now by typing: /etc/rc.d/init.d/samba start The documentation in the new /etc/smb.conf.sample has been improved. It may be of help when setting up samba features with which you are unfamiliar. Please note the following filename changes: The names of the files in /etc/sysconfig/daemon/ and /etc/rc.d/init.d/ have changed from smb to samba. The default lock directory name /var/lock/samba/ has been changed to /var/lock/samba.d/. A default log directory named /var/log/samba.d has been added. If you are using the logrotate package, amend the logrotate.conf file to reflect this. IV. References / Credits Fixes a security problem originally reported on BUGTRAQ@netspace.org and CERT Vendor-Initiated Bulletin VB-97.10.samba (October 3, 1997). Reported internally at Caldera as PR #984 and #1006. This and other Caldera security resources are located at: http://www.caldera.com/tech-ref/security/ V. PGP Signature This message was signed with the PGP key for security@caldera.com. This key can be obtained from: ftp://ftp.caldera.com/pub/pgp-keys/ Or on an OpenLinux CDROM under: /OpenLinux/pgp-keys/ $Id: SA-1997.24,v 1.8 1997/12/17 17:59:11 ron Exp ron $ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNJgTG+n+9R4958LpAQGWFgP9GTCr0MZUWxolRt6jV7cUaNRzO+nP4eH8 1ztfvpMON6JmsEAio11uZKgMJj47HeklNwBq2DAlN7WAxJF7ICYPsa4C3qHqTpFa QNZpE4W6PL0pYai5pVIrf06XXU64M9DIwEJ6CkBX31l70sRWVx+2qLL8gkzPxvUQ ccGa9kDt8V4= =9Z+T -----END PGP SIGNATURE-----