
Mandrake alert MDKSA-2004:071 (samba)

From:  Mandrake Linux Security Team <security@linux-mandrake.com>
To:  bugtraq@securityfocus.com
Subject:  MDKSA-2004:071 - Updated samba packages fix vulnerability in SWAT, samba-server.
Date:  22 Jul 2004 22:40:09 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           samba
 Advisory ID:            MDKSA-2004:071
 Date:                   July 22nd, 2004

 Affected versions:      10.0, 9.1, 9.2, Corporate Server 2.1,
                         Multi Network Firewall 8.2
 ______________________________________________________________________

 Problem Description:

 A vulnerability was discovered in SWAT, the Samba Web Administration
 Tool.  The routine used to decode the base64 data during HTTP basic
 authentication is subject to a buffer overrun caused by an invalid
 base64 character.  This same code is also used to internally decode
 the sambaMungedDial attribute value when using the ldapsam passdb
 backend, and to decode input given to the ntlm_auth tool.

 This vulnerability only exists in Samba versions 3.0.2 or later; the
 3.0.5 release fixes the vulnerability.  Systems using SWAT, the
 ldapsam passdb backend, and those running winbindd and allowing
 third-party applications to issue authentication requests via the
 ntlm_auth tool should upgrade immediately.  (CAN-2004-0600)

 A buffer overrun has been located in the code used to support the
 'mangling method = hash' smb.conf option.  Please be aware that the
 default setting for this parameter is 'mangling method = hash2' and
 therefore not vulnerable.  This bug is present in Samba 3.0.0 and
 later, as well as Samba 2.2.X.  (CAN-2004-0686)

 This update also fixes a bug where attempting to print in some cases
 would cause smbd to exit with a signal 11.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686
 ______________________________________________________________________

 Updated Packages:
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBAEJImqjQ0CJFipgRAg0ZAKDziosMuyE/anynDW/Av175LfDQxQCfd2VZ
XCPU49LQ0xM4hZ6bzmfBtYE=
=SWMZ
-----END PGP SIGNATURE-----
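
Added example, not part of the Mandrakesoft advisory: a triage helper that maps one host's Samba version and smb.conf onto the exposure conditions named in the problem description above. The function names, the swat_enabled and ntlm_auth_exposed flags (supplied by the operator, since neither is visible in smb.conf) and the sample configuration are assumptions made for illustration.

```python
import re

# Upstream range the advisory gives for CAN-2004-0600: 3.0.2 up to, not including, 3.0.5.
B64_FIRST, B64_FIXED = (3, 0, 2), (3, 0, 5)

# Constructed sample configuration (not taken from any real host).
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; mangling method = hash2
   Mangling Method = Hash
   passdb backend = ldapsam:ldap://ldap.example.test, smbpasswd
"""

def parse_version(text):
    """'3.0.2a' -> (3, 0, 2); a trailing letter suffix is ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised Samba version: {text!r}")
    return tuple(int(x) for x in m.groups())

def parse_smb_conf(text):
    """Return {parameter: value}; names are compared without case or spaces."""
    params = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue  # blank line, comment, section header, or not a setting
        name, value = line.split("=", 1)
        params["".join(name.lower().split())] = value.strip()
    return params

def exposure(version, smb_conf_text, swat_enabled=False, ntlm_auth_exposed=False):
    """List the advisory's exposure conditions that apply to one host."""
    params = parse_smb_conf(smb_conf_text)
    findings = []
    if B64_FIRST <= parse_version(version) < B64_FIXED:
        backends = params.get("passdbbackend", "").lower()
        if swat_enabled:
            findings.append("CAN-2004-0600: SWAT HTTP basic auth")
        if re.search(r"\bldapsam\b", backends):
            findings.append("CAN-2004-0600: ldapsam passdb backend")
        if ntlm_auth_exposed:
            findings.append("CAN-2004-0600: ntlm_auth via winbindd")
    # The default is hash2 per the advisory, so only an explicit 'hash' counts.
    if params.get("manglingmethod", "").lower() == "hash":
        findings.append("CAN-2004-0686: mangling method = hash")
    return findings
```

The updated Mandrake packages keep their upstream version strings (for example 3.0.2a-3.2.100mdk), so on a patched host confirm the package release rather than relying on the upstream version passed to exposure().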

