From aliz@gentoo.org Sat Nov 23 11:29:58 2002 From: Daniel Ahlberg To: bugtraq@securityfocus.com Date: Thu, 21 Nov 2002 10:08:19 +0100 Subject: GLSA: samba -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200211-007 - - -------------------------------------------------------------------- PACKAGE : samba SUMMARY : remote root access DATE    : 2002-11-21 09:11 UTC EXPLOIT : remote - - -------------------------------------------------------------------- - From 2.2.7 release notes: There was a bug in the length checking for encrypted password change requests from clients. A client could potentially send an encrypted password, which, when decrypted with the old hashed password could be used as a buffer overrun attack on the stack of smbd. The attach would have to be crafted such that converting a DOS codepage string to little endian UCS2 unicode would translate into an executable block of code. Read the full release notes at http://se.samba.org/samba/whatsnew/samba-2.2.7.html SOLUTION It is recommended that all Gentoo Linux users who are running net-fs/samba-2.2.5-r1 and earlier update their systems as follows: emerge rsync emerge samba emerge clean - - -------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz woodchip@gentoo.org - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE93KKCfT7nyhUpoZMRAoZeAKCb7Jdu+glo0BIN3wq4+cDSbmQLKACgnbaY 2+7FwJUYxYALLzhRpckJuNE= =PWpJ -----END PGP SIGNATURE-----