=========================================================== Ubuntu Security Notice USN-41-1 December 17, 2004 samba vulnerability CAN-2004-1154 ===========================================================
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: samba The problem can be corrected by upgrading the affected package to version 3.0.7-1ubuntu6.3. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Greg MacManus discovered an integer overflow in Samba's smbd daemon. Requesting a very large number of access control descriptors from the server caused an integer overflow, which resulted in a memory allocation being too short, thus causing a buffer overflow. By sending carefully crafted data, an attacker could exploit this to execute arbitrary code on the server with full root permissions. Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.3.diff.gz Size/MD5: 374667 ce3dde42bd70c426634839cf54782e0a http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.3.dsc Size/MD5: 937 a8a5ff93eedc6ea1679149b4f069e3f3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7.orig.tar.gz Size/MD5: 15012667 5906341429e64214909865a4be92e4ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.7-1ubuntu6.3_all.deb Size/MD5: 11604286 39702eae0c00e0c3bd78fa1c6b99620e amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 370810 e5e8868af27b6e4d8ffc44bf9fe1ed1e http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 762814 636deea4ededb8cc8de09397187ddf7f http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 575488 8f47e7277392604c5555b3e0c4058021 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 5018166 4c21f61021372d2c733452365d5c96c9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 2090898 d10d1211d3225f0d6b22d6be2011bb48 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 2667600 6702caa1600427d6b2d73c54f3b2bdc8 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 2710742 aa35b3cd3c7abc558bee8af18e611beb http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 361416 fe47fc6ef1c2481491014340da3b3490 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 4027140 3273db2b3afaef0d9b2c9e72479b6a59 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.3_amd64.deb Size/MD5: 1527704 252e4e5bd8d10e9f4c4e9c88d4de22e0 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 327364 630f7d24ee6cfc37f7243a407e4a1267 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 687708 c458ee0029d72a3654fb712e9739b2b3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 510324 e6da157c33a4b765728e4615163985f1 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 4418918 d52eaee2504ffae81278721b0ccea558 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 1836502 41d3d3c8e0683ab554a8032568f675f7 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 2299824 4cbe8d86b4f61f6eb056baa2fb6f3152 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 2302160 be1e26f821bc43835ddce7054758adb3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 309120 c7bc13d8b6eb2bd12fe39a63c9c0cc2a http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 3938838 f43e590aca75c1e51397dc5db26f7f81 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.3_i386.deb Size/MD5: 1300364 0cb13bb316158c620587910c07c5286c powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/s/samba/libpam-smbpass_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 356442 1fcbf302736e3a25c25f075263ab5876 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 706168 b3cc80d1417a167e0a6e3ff7470818eb http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 566350 aa443355cc2e4d87d3eb0f03b2c7a144 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.3-samba_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 4811490 18553dbc7c5816a647dca8a13842fbfa http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 2045052 ccce36d9d07ebcaa017e15cae5cb6fc1 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 2620790 12cb87e420932b735ce3d691a136566a http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 2656812 e38917838372c2c2580ffa50035e40d4 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 353458 ad5f350383324d2b9b109ced4a249f06 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 4016148 30fa677d4c19833873d1bab4c83acb16 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/winbind_3.0.7-1ubuntu6.3_powerpc.deb Size/MD5: 1482364 33132688997e5e72759c8f85e61d2a9c
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html