Re: samba security -- more info?
Dear Folks,
If you know about the samba security problem, could you please send me
as soon as possible a pointer to more information, or to the (source)
patch or fix?
The fixed package is in bo-updates, on a (recent) mirror near you.
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$kSK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: samba security -- more info?
Just don't expect to find and update your samba package with dselect. :-(
Usde dpkg instead.
On Tue, 30 Sep 1997, joost witteveen wrote:
Dear Folks,
If you know about the samba security problem, could you please send me
as soon as possible a pointer to more information, or to the (source)
patch or fix?
The fixed package is in bo-updates, on a (recent) mirror near you.
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$kSK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: samba security -- more info?
Just don't expect to find and update your samba package with dselect. :-(
Usde dpkg instead.
True. But I'll never think of saying that, as I never use dselect anyway.
I nearly always use dpkg (unless I really want to upgrade my whole system
to unstable, then dselect is useful, but otherwise, I just use dpkg -i).
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$kSK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: samba security -- more info?
Thank you. Actually, I'm wondering if you could point me to the *source* fixes for samba (assuming it is not just a Debian security problem), since the information is to be passed on to a non-Debian sysadmin. John -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: samba security -- more info?
Thank you. Actually, I'm wondering if you could point me to the
*source* fixes for samba (assuming it is not just a Debian security
problem), since the information is to be passed on to a non-Debian
sysadmin.
Well, I didn't look that far into it. Yes, you are right, it
isn't a Debian problem, and it was fixed by the samba team.
All I can do is send you the announcement made by (I presume) the
Samba team to bugtraq. It will give you the location of
the sourcefile where they say they fixed the problem.
Maybe on the ftp site they mention they also still have the
newest version without the bugfix, and then you'll be able to
diff the two samba sourcefiles.
Sorry, but I cannot do anything more.
From [EMAIL PROTECTED] Fri Sep 26 20:05:42 1997
Return-Path: [EMAIL PROTECTED]
Received: from hearnnt.nic.surfnet.nl ([192.87.5.133]) by rulcmc.leidenuniv.nl
with esmtp id [EMAIL PROTECTED]
(Debian Smail-3.2 1996-Jul-4 #2); Fri, 26 Sep 1997 20:05:42 +0200
(CEST)
Received: from hearnnt (192.87.5.133) by hearnnt.nic.surfnet.nl (LSMTP for
Windows N
T v1.1a) with SMTP id [EMAIL PROTECTED]; Fri, 26 Sep 1997 20:01:27
+0200
Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8c)
with
spool id 4901339 for [EMAIL PROTECTED]; Fri, 26 Sep 1997 11:39:22
-0400
Received: from brimstone.netspace.org (brimstone [128.148.157.143]) by
netspace.org (8.8.7/8.8.2) with ESMTP id LAA12708 for
[EMAIL PROTECTED]; Fri, 26 Sep 1997 11:28:21 -0400
Received: from [EMAIL PROTECTED] (port 56069 [128.148.157.6]) by
brimstone.netspace.org with ESMTP id 16328-25824; Fri, 26 Sep 1997
11:28:13 -0400
Approved-By: [EMAIL PROTECTED]
Received: from samba.anu.edu.au (samba.anu.edu.au [150.203.164.44]) by
netspace.org (8.8.7/8.8.2) with ESMTP id KAA03099 for
[EMAIL PROTECTED]; Fri, 26 Sep 1997 10:08:02 -0400
Received: from [EMAIL PROTECTED] by samba.anu.edu.au id 12593854-13111; Sat,
27 Sep 1997 00:07:22 +1000
Message-ID: [EMAIL PROTECTED]
Date: Sat, 27 Sep 1997 00:07:19 +1000
Reply-To: [EMAIL PROTECTED]
Sender: Bugtraq List [EMAIL PROTECTED]
From: Andrew Tridgell [EMAIL PROTECTED]
Subject: Security bugfix for Samba
To: [EMAIL PROTECTED]
Status: RO
Security bugfix for Samba
-
A security hole in all versions of Samba has been recently
discovered. The security hole allows unauthorized remote users to
obtain root access on the Samba server.
An exploit for this security hole has been posted to the internet so
system administrators should assume that this hole is being actively
exploited.
The exploit for the security hole is very architecture specific and
has been only demonstrated to work for Samba servers running on Intel
based platforms. The exploit posted to the internet is specific to
Intel Linux servers. It would be very difficult to produce an exploit
for other architectures but it may be possible.
A new release of Samba has now been made that fixes the security
hole. The new release is version 1.9.17p2 and is available from
ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz
This release also adds a routine which logs a message if anyone
attempts to take advantage of the security hole. The message (in the
Samba log files) will look like this:
ERROR: Invalid password length 999
you're machine may be under attack by a user exploiting an old bug
Attack was from IP=aaa.bbb.ccc.ddd
where aaa.bbb.ccc.ddd is the IP address of the machine performing the attack.
The Samba Team
[EMAIL PROTECTED]
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$kSK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: samba security -- more info?
On Tue, 30 Sep 1997, John M. Rulnick wrote: Thank you. Actually, I'm wondering if you could point me to the *source* fixes for samba (assuming it is not just a Debian security problem), since the information is to be passed on to a non-Debian sysadmin. Here is the original announcement: Xref: uchinews comp.os.linux.announce:8694 Path: uchinews!news.spss.com!uunet!in5.uu.net!news2.epix.net!cdc2.cdc.net!ais.net!newsfeed.internetmci.com!141.211.144.13!newsxfer3.itd.umich.edu!news1.best.com!uninett.no!news-stkh.gip.net!news.gsl.net!gip.net!news3.funet.fi!news.funet.fi!news.cs.hut.fi! news.clinet.fi!liw.clinet.fi!not-for-mail From: Andrew Tridgell [EMAIL PROTECTED] Newsgroups: comp.os.linux.announce Subject: SECURITY: Security bugfix for Samba Followup-To: comp.os.linux.misc Date: Fri, 26 Sep 1997 21:58:32 GMT Organization: none Lines: 59 Approved: [EMAIL PROTECTED] (Lars Wirzenius) Message-ID: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] NNTP-Posting-Host: liw.clinet.fi NNTP-Posting-User: liw X-Server-Date: 26 Sep 1997 21:58:45 GMT Old-Date: Fri, 26 Sep 1997 23:40:47 +1000 X-No-Archive: yes X-Auth: PGPMoose V1.1 PGP comp.os.linux.announce iQBVAwUBNCwwFDiesvPHtqnBAQGqGgIAkwndoh2YjjAiVOCDs7bTdnPC0qmTk//L XtLkOqIRjHWZoohH3uA4jaKr3gz//42hFcFF/JyYef4OHx8HFn5bvg== =BLDy -BEGIN PGP SIGNED MESSAGE- Security bugfix for Samba - A security hole in all versions of Samba has been recently discovered. The security hole allows unauthorized remote users to obtain root access on the Samba server. An exploit for this security hole has been posted to the internet so system administrators should assume that this hole is being actively exploited. The exploit for the security hole is very architecture specific and has been only demonstrated to work for Samba servers running on Intel based platforms. The exploit posted to the internet is specific to Intel Linux servers. It would be very difficult to produce an exploit for other architectures but it may be possible. A new release of Samba has now been made that fixes the security hole. The new release is version 1.9.17p2 and is available from ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz This release also adds a routine which logs a message if anyone attempts to take advantage of the security hole. The message (in the Samba log files) will look like this: ERROR: Invalid password length 999 you're machine may be under attack by a user exploiting an old bug Attack was from IP=aaa.bbb.ccc.ddd where aaa.bbb.ccc.ddd is the IP address of the machine performing the attack. Please report any attacks to the appropriate authority. The Samba Team [EMAIL PROTECTED] - -- This article has been digitally signed by the moderator, using PGP. http://www.iki.fi/liw/lars-public-key.asc has PGP key for validating signature. Send submissions for comp.os.linux.announce to: [EMAIL PROTECTED] PLEASE remember a short description of the software and the LOCATION. This group is archived at http://www.iki.fi/liw/linux/cola.html -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBNCwwD4QRll5MupLRAQF8TQQA2m+9WqUAVg/BAvc+Flfdjp0EpHUS++Ia wDj3LAkQeyexR7fTncvYevIgXCa7B4ZjA6SlH3pEe3UBV9sH+uAjXg2fIzt5YVvb fFbVnUwLCTFBxCt8sCjTV7QvLLpcO8fP2dWWFGpErY6y/v2boQM5t+JWCI4Ecy0e YIitrcRv5zk= =rcqW -END PGP SIGNATURE- Roy [EMAIL PROTECTED] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
