El Sab, 26 de Mayo de 2007, 11:54 am, Christian Perrier escribió: > (coipy to submitter of #426002) > >> This is a copy of a bug opened upstream. A patch is avaliable for >> 3.0.25 but not for 3.0.24 on etch. >> It happens on i386, and alpha. 3.0.24-etch2 suffers from the bug too. >> >> >> I'm using Gentoo (the stable tree) and Debian Etch. The recent update >> that >> fixes three security bugs has broken my samba domain. I'm able to login >> in >> the >> domain but when accessing the share of a machine which is not the PDC, >> the >> sharing machine denies my access. >> >> "smbclient -L with my user" against that sharig machine returns me >> NT_STATUS_NO_LOGON_SERVERS. If I try smbclient against the PDC, the PDC >> returns >> me the list of shares. The problem seems to be the fix for >> CVE-2007-2446. >> If I >> recompile the samba package without that fix in my Gentoo boxes, the >> whole >> domain works perfectly. The same goes for the Debian machines, if I >> downgrade >> the version to the non fixed. > > > Could you test packages from http://people.debian.org/~bubulle/samba? > > 1151c8a4d4356e8ec4deb60af87ed313 libpam-smbpass_3.0.24-6etch3_i386.deb > fc8a6990a952c06e60e12285e33a3d5f libsmbclient-dev_3.0.24-6etch3_i386.deb > c8457c2980a2e291ea52a0432e2cb425 libsmbclient_3.0.24-6etch3_i386.deb > b6f34b7d41913203b195919d8e6f5adf python-samba_3.0.24-6etch3_i386.deb > b842159ed11fcf83323cacaa41606a3e samba-common_3.0.24-6etch3_i386.deb > 8b814491a3ab52eb216fe291e50be19e samba-dbg_3.0.24-6etch3_i386.deb > db52dd9d1e185a2e9f74f3001e6cae2b samba-doc-pdf_3.0.24-6etch3_all.deb > c090aedf8110a2680d8deb3b2cc6b057 samba-doc_3.0.24-6etch3_all.deb > 25424757cc9082884671ab95f938915e samba_3.0.24-6etch3.diff.gz > ef244d5306c5575b66cf8147ce75d5c2 samba_3.0.24-6etch3.dsc > cd339e634942b8166ac2e583d4f86de8 samba_3.0.24-6etch3_i386.changes > ace5da23cc6f697341921d64d289fb44 samba_3.0.24-6etch3_i386.deb > e42e2c93819bc7039fdb2c09afdd3918 smbclient_3.0.24-6etch3_i386.deb > 12980c866b761e64c4f3382abaf71cba smbfs_3.0.24-6etch3_i386.deb > 46a45a8c507affa4c6b62054808e24a3 swat_3.0.24-6etch3_i386.deb > 3aee9f4a8a00698b375cbc4b0a0efc07 winbind_3.0.24-6etch3_i386.deb > > > We want to have these in etch ASAP but we would prefer that people > experiencing the bug can check if the bug is fixed. > > > >
Hi, I tested it with the exception of samba_3.0.24-6etch3_i386.deb because it depends on libgnutls11 that doesn't exist in etch3. First at all I tried wbinfo without improvement: c411b:~# wbinfo -a LANGROUP\\lmguest%------ plaintext password authentication failed error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e) error messsage was: No logon servers Could not authenticate user LANGROUP\lmguest%------ with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e) error messsage was: No logon servers Could not authenticate user LANGROUP\lmguest with challenge/response c411b~# Please note that if I misstype the password I get a different answer c411b:~# wbinfo -a LANGROUP\\lmguest%xxxxxx plaintext password authentication failed error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) error messsage was: Wrong Password Could not authenticate user LANGROUP\lmguest%xxxxxx with plaintext password challenge/response password authentication failed error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) error messsage was: Wrong Password Could not authenticate user LANGROUP\lmguest with challenge/response c411b:~# I don't have problems at all with smbclient Your, -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]