[Samba] Re: The Samba Team announces Samba 2.2.7 - security release

2002-11-25 Thread Tim Winders
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> > [2002/11/25 15:04:32, 0] smbd/service.c:(597)
> >   sisrael (64.69.243.114) Can't change directory to /data/Lkr_Usr_/twinders/tmp (Permission denied)
>
> This is a local compile issue IMO.
>
> Set
>   path = /tmp
>
> in the [global] section to override the compile time default.
>
> You should be able to override the TMPDIR environment variable using
> something like
>
>   $ env TMPDIR="/tmp" ./configure

Well, it did appear to be a local issue.  I have set TMPDIR=/tmp for my
login, recompiled and reinstalled samba and that has fixed the problem.

Setting path = /tmp in the global section didn't work.  That just caused
the homes directory to be set to /tmp.

But, I am working now, so all is well.  Thanks!

=== Tim

Tim Winders, MCSE, CNE, CCNA
Associate Dean of Information Technology
South Plains College
Levelland, TX  79336

Phone:  806-894-9611 x 2369
FAX:    806-894-1549
Email:  [EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (OSF1)
Comment: Made with pgp4pine 1.76

iD8DBQE94wmQTPuHnIooYbwRAunfAJ9RyCMzI5CDVtt9GOgQsaCUd6pr5ACfUCT7
MVmrCcmy5fO2kgpZRs+d3wI=
=YbIh
-----END PGP SIGNATURE-----

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: The Samba Team announces Samba 2.2.7 - security release

2002-11-25 Thread Gerald (Jerry) Carter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 25 Nov 2002, Tim Winders wrote:

> I just upgraded to 2.2.7 and noticed a problem.  I use samba as a domain
> controller for my Win98 machines.  After the upgrade to 2.2.7 all the
> users but myself were getting a failure to login to the domain.  In the
> log file for the machine, I see this error.
> 
> [2002/11/25 15:04:32, 0] smbd/service.c:(597)
>   sisrael (64.69.243.114) Can't change directory to /data/Lkr_Usr_/twinders/tmp (Permission denied)

This is a local compile issue IMO.  

> In this case, the user trying to login is sisrael, but the service.c
> package is trying to change to the TMP directory that was set when I
> configured samba.
> 
> I've tried to reinstall 2.2.6, but I'm having the same problem.
> 
> I am not sure if this is a 2.2.7 issue, a local config issue, or what.
> But, I'm very confused and current samba is "down" for my users.  

Set 
path = /tmp

in the [global] section to override the compile time default.

You should be able to override the TMPDIR environment variable using
something like

$ env TMPDIR="/tmp" ./configure

cheers, jerry
--
 Hewlett-Packard            http://www.hp.com
 SAMBA Team                 http://www.samba.org
 GnuPG Key                  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours" 2ed
 "You can never go home again, Oatman, but I guess you can shop there."
                        --John Cusack - "Grosse Point Blank" (1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE94qLzIR7qMdg1EfYRAqvlAKDPpAJf1HOCxPig9zVIN0LZaitTxQCgtImN
prbz3FF0AdQxA968MolgMtA=
=GZUU
-----END PGP SIGNATURE-----


[Samba] Re: The Samba Team announces Samba 2.2.7 - security release

2002-11-25 Thread Tim Winders
I just upgraded to 2.2.7 and noticed a problem.  I use samba as a domain
controller for my Win98 machines.  After the upgrade to 2.2.7 all the
users but myself were getting a failure to login to the domain.  In the
log file for the machine, I see this error.

[2002/11/25 15:04:32, 0] smbd/service.c:(597)
  sisrael (64.69.243.114) Can't change directory to /data/Lkr_Usr_/twinders/tmp (Permission denied)

In this case, the user trying to login is sisrael, but the service.c
package is trying to change to the TMP directory that was set when I
configured samba.

I've tried to reinstall 2.2.6, but I'm having the same problem.

I am not sure if this is a 2.2.7 issue, a local config issue, or what.
But, I'm very confused and current samba is "down" for my users.  


On Wed, 20 Nov 2002, Gerald (Jerry) Carter wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The Samba Team is proud to announce the release of Samba 2.2.7.
>
> A security hole has been discovered in versions 2.2.2 through 2.2.6
> of Samba that could potentially allow an attacker to gain root access
> on the target machine.  The word "potentially" is used because there
> is no known exploit of this bug, and the Samba Team has not been able to
> craft one ourselves. However, the seriousness of the problem warrants
> this immediate 2.2.7 release.
>
> In addition to addressing this security issue, Samba 2.2.7 also includes
> thirteen unrelated improvements. These improvements result from our
> process of continuous quality assurance and code review, and are part of
> the Samba team's commitment to excellence.
>
> The source code can be downloaded from :
>
> http://download.samba.org/samba/ftp/
>
> All current source releases have been signed as well using the
> Samba Distribution Key (http://web/samba/ftp/samba-pubkey.asc)
>
> Binary packages for major platforms can be found at
>
> http://download.samba.org/samba/ftp/Binary_Packages/
>
> The release notes follow.
>
> As always, all bugs are our responsibility.
>
>   --Enjoy
>   The Samba Team
>
>
>
> WHAT'S NEW IN Samba 2.2.7 - 20th November 2002
> ==
>
> This is the latest stable release of Samba. This is the version
> that all production Samba servers should be running for all current
> bug-fixes.
>
> IMPORTANT: Security bugfix for Samba
> - 
>
> Summary
> - ---
>
> A security hole has been discovered in versions 2.2.2 through 2.2.6
> of Samba that could potentially allow an attacker to gain root access
> on the target machine.  The word "potentially" is used because there
> is no known exploit of this bug, and the Samba Team has not been able to
> craft one ourselves. However, the seriousness of the problem warrants
> this immediate 2.2.7 release.
>
> In addition to addressing this security issue, Samba 2.2.7 also includes
> thirteen unrelated improvements. These improvements result from our
> process of continuous quality assurance and code review, and are part of
> the Samba team's commitment to excellence.
>
> Details
> - ---
>
> There was a bug in the length checking for encrypted password change
> requests from clients. A client could potentially send an encrypted
> password, which, when decrypted with the old hashed password, could be
> used as a buffer overrun attack on the stack of smbd. The attack would
> have to be crafted such that converting a DOS codepage string to little
> endian UCS2 unicode would translate into an executable block of code.
>
> All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable
> to this problem. This version of Samba 2.2.7 contains a fix for this
> problem.
>
> Earlier versions of Samba are not vulnerable.
>
> There is no known exploit or exploit code for this vulnerability;
> it was discovered by a code audit by Debian Samba maintainers.
>
> Credit
> - --
>
> Thanks to Steve Langasek and Eloy Paris for bringing this vulnerability
> to our notice.
>
> Patch for Samba versions 2.2.2 to 2.2.6
> - ---
>
> The following patch applies cleanly to the above Samba versions
> and will fix the vulnerability for sites that do not wish to upgrade
> to 2.2.7 at this time.
>
> - ---cut here-
> - --- libsmb/smbencrypt.c.origTue Nov 19 17:21:57 2002
> +++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002
> @@ -63,7 +63,7 @@
> if(len > 128)
> len = 128;
> /* Password must be converted to NT unicode - n
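Review bot: only the three leading context lines of this hunk survive in the quoted copy, so the seven-line change announced by the `@@ -63,7 +63,7 @@` header is not visible and cannot be checked from what is shown here. The one visible check, `if(len > 128) len = 128;`, silently clamps an oversized length instead of rejecting the request; if the real change keeps that clamp, consider returning an error and logging the bad length, since a client-supplied length outside the expected range is a malformed request rather than something to truncate quietly.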
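The advisory quoted above describes a length-checking bug in the decoding of encrypted password-change requests, where a client-chosen length could drive a buffer overrun on the smbd stack during the conversion to little-endian UCS-2. The program below is an added, hypothetical illustration of the checked decoding such a routine needs; it is not Samba's code and does not reproduce the real wire format or the real fix. The 516-byte layout (512 data bytes with the new password right-aligned at the end, then a 4-byte little-endian byte length), the 128-unit output capacity, the function names and the byte-to-UCS-2 widening are all constructed assumptions for this example. The two checks are the point: the claimed length must lie inside the data area, and the widened output must fit the caller's buffer, so a bad length is rejected rather than clamped.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout, an assumption for this example (not Samba's wire
 * format): 512 bytes of data with the new password right-aligned at the
 * end and random fill before it, then a 4-byte little-endian byte length
 * of that password.  Total blob size: 516 bytes. */
#define PW_DATA_LEN   512
#define PW_BLOB_LEN   (PW_DATA_LEN + 4)
#define MAX_PW_UNITS  128   /* capacity of the caller's UCS-2 buffer, in 16-bit units */

static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Decode the client-supplied password into a UCS-2LE buffer.
 * Returns the number of 16-bit units written, or -1 if the request is
 * rejected.  The claimed byte length must lie inside the 512-byte data
 * area, and the widened result (one 16-bit unit per input byte here)
 * must fit the caller's buffer.  Neither check clamps: an out-of-range
 * length is treated as a malformed request. */
int decode_pw_checked(const uint8_t *blob, size_t blob_len,
                      uint16_t *out, size_t out_units)
{
    if (blob == NULL || out == NULL || blob_len < PW_BLOB_LEN)
        return -1;

    uint32_t byte_len = read_le32(blob + PW_DATA_LEN);

    if (byte_len > PW_DATA_LEN)          /* would read before the start of the blob */
        return -1;
    if (byte_len > out_units)            /* widened output would overrun the caller's buffer */
        return -1;

    const uint8_t *pw = blob + PW_DATA_LEN - byte_len;
    for (uint32_t i = 0; i < byte_len; i++)
        out[i] = (uint16_t)pw[i];        /* toy single-byte to UCS-2 widening, not a codepage table */
    return (int)byte_len;
}

/* Build a blob in the constructed layout, as a client would.  claimed_len
 * is written to the trailer as given so a test can supply a deliberately
 * wrong length.  Returns false if the password does not fit. */
bool build_pw_blob(uint8_t *blob, const char *password, uint32_t claimed_len)
{
    size_t n = strlen(password);
    if (n > PW_DATA_LEN)
        return false;
    memset(blob, 0xAA, PW_DATA_LEN);              /* stands in for random fill */
    memcpy(blob + PW_DATA_LEN - n, password, n);
    blob[PW_DATA_LEN + 0] = (uint8_t)(claimed_len & 0xFF);
    blob[PW_DATA_LEN + 1] = (uint8_t)((claimed_len >> 8) & 0xFF);
    blob[PW_DATA_LEN + 2] = (uint8_t)((claimed_len >> 16) & 0xFF);
    blob[PW_DATA_LEN + 3] = (uint8_t)((claimed_len >> 24) & 0xFF);
    return true;
}

int main(void)
{
    uint8_t blob[PW_BLOB_LEN];
    uint16_t out[MAX_PW_UNITS];

    build_pw_blob(blob, "s3cret", 6);             /* honest length */
    printf("honest length: %d units\n",
           decode_pw_checked(blob, sizeof blob, out, MAX_PW_UNITS));

    build_pw_blob(blob, "s3cret", 0x7FFFFFFF);    /* length larger than the data area */
    printf("oversized length: %d\n",
           decode_pw_checked(blob, sizeof blob, out, MAX_PW_UNITS));

    build_pw_blob(blob, "s3cret", 200);           /* fits the data area, not the widened output */
    printf("length over output capacity: %d\n",
           decode_pw_checked(blob, sizeof blob, out, MAX_PW_UNITS));
    return 0;
}
```

The third case is the one worth noticing: a length of 200 passes a check against the 512-byte input area, yet the widened UCS-2 result would need 200 units in a 128-unit buffer, so the check against the output capacity has to be a separate test.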