----- Forwarded message from Gerald Carter <[EMAIL PROTECTED]> ----- > Date: Thu, 16 Dec 2004 06:17:29 -0600 > From: Gerald Carter <[EMAIL PROTECTED]> > User-Agent: Mozilla Thunderbird 0.9 (X11/20041103) > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: [SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code > execution in Samba 2.x, 3.0.x <= 3.0.9 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ========================================================== > == > == Subject: Possible remote code execution > == CVE ID#: CAN-2004-1154 > == > == Versions: Samba 2.x & 3.0.x <= 3.0.9 > == > == Summary: A potential integer overflow when > == unmarshalling specific MS-RPC requests > == from clients could lead to heap > == corruption and remote code execution. > == > ========================================================== > > > =========== > Description > =========== > > Remote exploitation of an integer overflow vulnerability > in the smbd daemon included in Samba 2.0.x, Samba 2.2.x, > and Samba 3.0.x prior to and including 3.0.9 could > allow an attacker to cause controllable heap corruption, > leading to execution of arbitrary commands with root > privileges. > > Successful remote exploitation allows an attacker to > gain root privileges on a vulnerable system. In order > to exploit this vulnerability an attacker must possess > credentials that allow access to a share on the Samba server. > Unsuccessful exploitation attempts will cause the process > serving the request to crash with signal 11, and may leave > evidence of an attack in logs. > > > ================== > Patch Availability > ================== > > A patch for Samba 3.0.9 (samba-3.0.9-CAN-2004-1154.patch) > can be downloaded from > > http://www.samba.org/samba/ftp/patches/security/ > > The patch has been signed with the "Samba Distribution > Verification Key" (ID F17F9772). > > > ============================= > Protecting Unpatched Servers > ============================= > > The Samba Team always encourages users to run the latest > stable release as a defense against attacks. However, > under certain circumstances it may not be possible to > immediately upgrade important installations. In such > cases, administrators should read the "Server Security" > documentation found at > > http://www.samba.org/samba/docs/server_security.html. > > > ======= > Credits > ======= > > This security issue was reported to Samba developers by > iDEFENSE Labs. The vulnerability was discovered by Greg > MacManus, iDEFENSE Labs. > > > ========================================================== > == Our Code, Our Bugs, Our Responsibility. > == The Samba Team > ========================================================== > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFBwXzZIR7qMdg1EfYRAqv1AJ9FqoFnBPnjNMGVjlsjO47yAk/UYACg9KMa > L+VEkr69J9oGg48m771bC7U= > =gtGA > -----END PGP SIGNATURE----- >
----- End forwarded message ----- -- --= Michal Kochanowicz =--==--==BOFH==--==--= [EMAIL PROTECTED] =-- --= finger me for PGP public key or visit http://michal.waw.pl/PGP =-- --==--==--==--==--==-- Vodka. Connecting people.--==--==--==--==--==-- A chodzenie po górach SSIE!!! _______________________________________________ pld-devel-pl mailing list [EMAIL PROTECTED] http://lists.pld-linux.org/mailman/listinfo/pld-devel-pl
