Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies
Package: samba Version: 3.0.24-6etch4 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for samba. CVE-2007-5398: | Secunia Research has discovered a vulnerability in Samba, which can be | exploited by malicious people to compromise a vulnerable system. | | The vulnerability is caused due to a boundary error within the | "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending | NetBIOS replies. This can be exploited to cause a stack-based buffer | overflow by sending multiple specially crafted WINS "Name Registration" | requests followed by a WINS "Name Query" request. | | Successful exploitation allows execution of arbitrary code, but | requires that Samba is configured to run as a WINS server (the "wins | support" option is enabled). This information is from: http://secunia.com/secunia_research/2007-90/advisory/ Mitre did not yet published it but it will be available later on [0]. Please also see: http://us1.samba.org/samba/security/CVE-2007-4572.html and http://us1.samba.org/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patch for the patch. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpfRajMsAICe.pgp Description: PGP signature
Bug#451385: [Pkg-samba-maint] Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies
Hi, * Christian Perrier <[EMAIL PROTECTED]> [2007-11-15 19:31]: > Quoting Nico Golde ([EMAIL PROTECTED]): [...] > > the following CVE (Common Vulnerabilities & Exposures) id was > > published for samba. > > Thanks for caring to report. We were indeed aware of the issue as > upstream kindly keeps up posted before the unveil embargoed security > issues. > > As a consequence, we are all working on fixes for sarge, etch, and > lenny. I also saw Steves mail, great thanks! Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpeKEDnTQHje.pgp Description: PGP signature
Bug#451385: [Pkg-samba-maint] Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies
Quoting Nico Golde ([EMAIL PROTECTED]): > Package: samba > Version: 3.0.24-6etch4 > Severity: grave > Tags: security patch > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for samba. Thanks for caring to report. We were indeed aware of the issue as upstream kindly keeps up posted before the unveil embargoed security issues. As a consequence, we are all working on fixes for sarge, etch, and lenny. signature.asc Description: Digital signature
Processed: Re: Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies
Processing commands for [EMAIL PROTECTED]: > notfound 451385 3.0.24-6etch4 Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies Bug no longer marked as found in version 3.0.24-6etch4. > found 451385 3.0.14a-1 Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies Bug marked as found in version 3.0.14a-1. > close 451385 3.0.14a-3sarge7 Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies 'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing. Bug marked as fixed in version 3.0.14a-3sarge7, send any further explanations to Nico Golde <[EMAIL PROTECTED]> > thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#451385: CVE-2007-5398 remote code execution via NetBIOS replies
notfound 451385 3.0.24-6etch4 found 451385 3.0.14a-1 close 451385 3.0.14a-3sarge7 thanks On Thu, Nov 15, 2007 at 04:48:41PM +0100, Nico Golde wrote: > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for samba. Yes, upstream keeps us informed of pending security issues and fixed packages are already in process, thanks. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]