From secure@conectiva.com.br Fri Apr 4 21:51:16 2003 From: Conectiva Updates To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org Date: Fri, 4 Apr 2003 16:11:06 -0300 Subject: [CLA-2003:615] Conectiva Security Announcement - samba -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : samba SUMMARY : Remote vulnerability and local race condition DATE : 2003-04-04 16:00:00 ID : CLA-2003:615 RELEVANT RELEASES : 6.0, 7.0, 8 - ------------------------------------------------------------------------- DESCRIPTION Samba provides SMB/CIFS services (such as file and printer sharing) used by clients compatible with Microsoft Windows(TM). The SuSE Security Team performed a security audit in parts of the Samba project code and found various problems in both the client and server implementations. Among these problems is a buffer overflow[1] vulnerability in the packet fragment re-assembly code. A remote attacker who is able to connect to the samba server may gain root privileges on it by exploiting this vulnerability. The vulnerability also affects the client library code, thus it is possible to exploit applications which use samba library functions by using a malicious samba server to send traffic to them. Additionally, a race condition[2] was discovered which could allow a local attacker to overwrite critical system files. In Conectiva Linux versions 7.0 and 8 samba is being upgraded to the latest stable version: 2.2.8. This version fixes the above vulnerabilities and includes several other fixes and additional features[3]. In Conectiva Linux 6.0, a patch with fixes the above vulnerabilities was applied to the package originally distributed, keeping samba in its original version (2.0.9). SOLUTION All samba users should upgrade their packages immediately. This update will automatically restart the samba service if it is already running. REFERENCES: 1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0086 3.http://www.samba.org/samba/whatsnew/samba-2.2.8.html UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/6.0/RPMS/samba-2.0.9-2U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/samba-clients-2.0.9-2U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/samba-doc-2.0.9-2U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/samba-swat-2.0.9-2U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/samba-2.0.9-2U60_3cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-clients-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-codepagesource-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-common-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-doc-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/samba-swat-2.2.8-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/samba-2.2.8-1U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-clients-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-codepagesource-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-common-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-doc-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/samba-swat-2.2.8-1U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/samba-2.2.8-1U80_1cl.src.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright 2003 (c) Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+jdjJ42jd0JmAcZARAi+FAKDzpLt7tf+Yi+Py3qoloXH7cWPmRwCg47NF kFNcMNrJy3FuMczqvmWFg7E= =C7qa -----END PGP SIGNATURE-----