Login
Newsletter
Werbung

Sicherheit: Denial of Service in Samba
Aktuelle Meldungen Distributionen
Name: Denial of Service in Samba
ID: MDVSA-2013:207
Distribution: Mandriva
Plattformen: Mandriva Enterprise Server 5.0, Mandriva Business Server 1.0
Datum: Di, 6. August 2013, 15:06
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124
http://www.samba.org/samba/history/samba-3.6.13.html
http://www.samba.org/samba/history/samba-3.6.14.html
http://www.samba.org/samba/history/samba-3.6.15.html
http://www.samba.org/samba/history/samba-3.6.16.html
http://www.samba.org/samba/history/samba-3.6.17.html
Applikationen: Samba

Originalnachricht

This is a multi-part message in MIME format...

------------=_1375789528-3002-16

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:207
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : samba
Date : August 6, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in samba:

Integer overflow in the read_nttrans_ea_list function in nttrans.c
in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x
before 4.0.8 allows remote attackers to cause a denial of service
(memory consumption) via a malformed packet (CVE-2013-4124).

The updated packages for Enterprise Server 5.2 has been patched to
correct this issue.

The updated packages for Business Server 1 has been upgraded to the
3.6.17 version which resolves many upstream bugs and is not vulnerable
to this issue. Additionally the libtevent packages are being provided
which is a requirement since samba 3.6.16.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124
http://www.samba.org/samba/history/samba-3.6.13.html
http://www.samba.org/samba/history/samba-3.6.14.html
http://www.samba.org/samba/history/samba-3.6.15.html
http://www.samba.org/samba/history/samba-3.6.16.html
http://www.samba.org/samba/history/samba-3.6.17.html
http://www.samba.org/samba/security/CVE-2013-4124
_______________________________________________________________________

Updated Packages:

Mandriva Enterprise Server 5:
a4338d4ffff112db5e1a9d4ce3ca88d0
mes5/i586/libnetapi0-3.3.12-0.12mdvmes5.2.i586.rpm
98f81ef3de8b5771db939413a7df33b5
mes5/i586/libnetapi-devel-3.3.12-0.12mdvmes5.2.i586.rpm
687a36f13e217a2da051690fd0a73723
mes5/i586/libsmbclient0-3.3.12-0.12mdvmes5.2.i586.rpm
a1fad872ac2fb33e3d1d4ea873859784
mes5/i586/libsmbclient0-devel-3.3.12-0.12mdvmes5.2.i586.rpm
8e8d9bff087017f7e07346affcdd8fe0
mes5/i586/libsmbclient0-static-devel-3.3.12-0.12mdvmes5.2.i586.rpm
9b814951f2f9841c78fa79d436611a76
mes5/i586/libsmbsharemodes0-3.3.12-0.12mdvmes5.2.i586.rpm
3836708d4fa033ce7e92d6cba3bd57a9
mes5/i586/libsmbsharemodes-devel-3.3.12-0.12mdvmes5.2.i586.rpm
89b7a35f7dcd28df98218819a31f74f0
mes5/i586/libtalloc1-3.3.12-0.12mdvmes5.2.i586.rpm
593e5fd0f3a1f0b2d7066cd48c59638e
mes5/i586/libtalloc-devel-3.3.12-0.12mdvmes5.2.i586.rpm
67bb36c6c164f2607f1c18e7e8be1bb7
mes5/i586/libtdb1-3.3.12-0.12mdvmes5.2.i586.rpm
36c82ea156b3b03110413d9313029f5a
mes5/i586/libtdb-devel-3.3.12-0.12mdvmes5.2.i586.rpm
3bdb87f25c87adcad2dc63d729de6629
mes5/i586/libwbclient0-3.3.12-0.12mdvmes5.2.i586.rpm
c951e4e5b6415d8b811d3a09056dc65e
mes5/i586/libwbclient-devel-3.3.12-0.12mdvmes5.2.i586.rpm
f4ecfcfd2edcff488e8e01e92dde048a
mes5/i586/mount-cifs-3.3.12-0.12mdvmes5.2.i586.rpm
31d83df6e8e79ea1911986caa54c6700
mes5/i586/nss_wins-3.3.12-0.12mdvmes5.2.i586.rpm
12939f0ce1aaa60ef29a1376abafdbc6
mes5/i586/samba-client-3.3.12-0.12mdvmes5.2.i586.rpm
54f249d033e9161f6953583ceb7a8968
mes5/i586/samba-common-3.3.12-0.12mdvmes5.2.i586.rpm
f1514d952b9f04927c7f6710bd9d4783
mes5/i586/samba-doc-3.3.12-0.12mdvmes5.2.i586.rpm
cc23d499471cf3e4a1a9dd2676100039
mes5/i586/samba-server-3.3.12-0.12mdvmes5.2.i586.rpm
fa4dca70f0ce76cd3aeb0151d642034c
mes5/i586/samba-swat-3.3.12-0.12mdvmes5.2.i586.rpm
45dc4c5c108e8aae19f1331cf696ba21
mes5/i586/samba-winbind-3.3.12-0.12mdvmes5.2.i586.rpm
447c206c4202adf72578febd6ce4994f
mes5/SRPMS/samba-3.3.12-0.12mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
27ca2e1359dadd72cdbb6cba9efc42ba
mes5/x86_64/lib64netapi0-3.3.12-0.12mdvmes5.2.x86_64.rpm
cce6ab20d60159b8a449b98e6f553f7f
mes5/x86_64/lib64netapi-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
010346f8644ababc4c843c90554ca3e1
mes5/x86_64/lib64smbclient0-3.3.12-0.12mdvmes5.2.x86_64.rpm
5cb5954ce9178659a996fec992a73a22
mes5/x86_64/lib64smbclient0-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
b84b675c138eb9258cf2ca276c906c2c
mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
ae1d81f3f0c7d248b14366c29b6c2695
mes5/x86_64/lib64smbsharemodes0-3.3.12-0.12mdvmes5.2.x86_64.rpm
a36aac31f0d7797878b0162c31707112
mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
e7c60db83295d3466f715a41b2aa1514
mes5/x86_64/lib64talloc1-3.3.12-0.12mdvmes5.2.x86_64.rpm
d9dfe0e46de1cb438b154fa154e68278
mes5/x86_64/lib64talloc-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
1c255221c0a05fb382060cb973b89455
mes5/x86_64/lib64tdb1-3.3.12-0.12mdvmes5.2.x86_64.rpm
e4e507399982dc2c319b03def067de19
mes5/x86_64/lib64tdb-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
209aae3686319e58721b31d56b6cdeef
mes5/x86_64/lib64wbclient0-3.3.12-0.12mdvmes5.2.x86_64.rpm
5a52c2f6c4a4ac54bcdb373bba83ff65
mes5/x86_64/lib64wbclient-devel-3.3.12-0.12mdvmes5.2.x86_64.rpm
3e7f0fbb9c18df92068244c24b1bbdf1
mes5/x86_64/mount-cifs-3.3.12-0.12mdvmes5.2.x86_64.rpm
7e31e8f9b03903de07f312684d121309
mes5/x86_64/nss_wins-3.3.12-0.12mdvmes5.2.x86_64.rpm
a10840ca38583ebf1f3a0323f4ade328
mes5/x86_64/samba-client-3.3.12-0.12mdvmes5.2.x86_64.rpm
18a674c1ba05d8123eac2eb504c4dee9
mes5/x86_64/samba-common-3.3.12-0.12mdvmes5.2.x86_64.rpm
e2d0b4fb9d3dd1d9d07a75efeea1cceb
mes5/x86_64/samba-doc-3.3.12-0.12mdvmes5.2.x86_64.rpm
c80c6f561ad6aa790c66bfe28145a3ee
mes5/x86_64/samba-server-3.3.12-0.12mdvmes5.2.x86_64.rpm
613f7e1bfe07c53970516ab2f124df9b
mes5/x86_64/samba-swat-3.3.12-0.12mdvmes5.2.x86_64.rpm
070b1682e13533cec08b96857f8b9015
mes5/x86_64/samba-winbind-3.3.12-0.12mdvmes5.2.x86_64.rpm
447c206c4202adf72578febd6ce4994f
mes5/SRPMS/samba-3.3.12-0.12mdvmes5.2.src.rpm

Mandriva Business Server 1/X86_64:
915037284efd27685e278e9ace8081df
mbs1/x86_64/lib64netapi0-3.6.17-1.mbs1.x86_64.rpm
afc142187d3218020b18b94bf762c39a
mbs1/x86_64/lib64netapi-devel-3.6.17-1.mbs1.x86_64.rpm
80179bf48ccc600f14c285405b7682a2
mbs1/x86_64/lib64smbclient0-3.6.17-1.mbs1.x86_64.rpm
3893c3cbbe0dc50d7316fc22e55d2deb
mbs1/x86_64/lib64smbclient0-devel-3.6.17-1.mbs1.x86_64.rpm
4fe9d8c749ecd91d262c83c978ec6ca7
mbs1/x86_64/lib64smbclient0-static-devel-3.6.17-1.mbs1.x86_64.rpm
50afc2217bbdccb075762405620be73b
mbs1/x86_64/lib64smbsharemodes0-3.6.17-1.mbs1.x86_64.rpm
91563639a180b53050912d6ef0828e7b
mbs1/x86_64/lib64smbsharemodes-devel-3.6.17-1.mbs1.x86_64.rpm
c09a10899d72f392de16f49574a78702
mbs1/x86_64/lib64tevent0-0.9.17-1.mbs1.x86_64.rpm
5e5bf0c2c48ec03de9ad820f3411a458
mbs1/x86_64/lib64tevent-devel-0.9.17-1.mbs1.x86_64.rpm
0be02fe6acc793457333d026b34cf159
mbs1/x86_64/lib64wbclient0-3.6.17-1.mbs1.x86_64.rpm
fc5038eb86215685afef7aa29e721d54
mbs1/x86_64/lib64wbclient-devel-3.6.17-1.mbs1.x86_64.rpm
06b9d6d55441db1e5fe1b5a43a2be6c4
mbs1/x86_64/nss_wins-3.6.17-1.mbs1.x86_64.rpm
54f4bf43827db43f814ab8485a323095
mbs1/x86_64/python-tevent-0.9.17-1.mbs1.x86_64.rpm
aa27c4e17fef5e61326ad4183a52797c
mbs1/x86_64/samba-client-3.6.17-1.mbs1.x86_64.rpm
12bcaa2da1dd8355b0b8cced8a799bf3
mbs1/x86_64/samba-common-3.6.17-1.mbs1.x86_64.rpm
4e06c7af112367a5c61b0b73d875cce7
mbs1/x86_64/samba-doc-3.6.17-1.mbs1.noarch.rpm
e5d8d7147dfaab75bdf55dce403739b6
mbs1/x86_64/samba-domainjoin-gui-3.6.17-1.mbs1.x86_64.rpm
c6477e547ec012dc4dc29cff7534191c
mbs1/x86_64/samba-server-3.6.17-1.mbs1.x86_64.rpm
7978fc64e044df06a98128060159fdae
mbs1/x86_64/samba-swat-3.6.17-1.mbs1.x86_64.rpm
d072d9878a23aeaac142eb6aef02f473
mbs1/x86_64/samba-virusfilter-clamav-3.6.17-1.mbs1.x86_64.rpm
bf392636bb98fb3f7fb32c7de5be01bf
mbs1/x86_64/samba-virusfilter-fsecure-3.6.17-1.mbs1.x86_64.rpm
73f36e4384ea427f282718aa02368800
mbs1/x86_64/samba-virusfilter-sophos-3.6.17-1.mbs1.x86_64.rpm
788d711e140dde720541d968092f0d71
mbs1/x86_64/samba-winbind-3.6.17-1.mbs1.x86_64.rpm
d3c3ccbff0c59c9a87b4c7e65d02e127 mbs1/SRPMS/samba-3.6.17-1.mbs1.src.rpm
a04162122c764dee8609a9caf2b089a4 mbs1/SRPMS/tevent-0.9.17-1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFSALVVmqjQ0CJFipgRAphEAKCINy1hi3rEPtPlTpnhBvztdxkn3wCgzUQz
Pz8K3dJcD1Q26YagVdAMBPo=
=KJFD
-----END PGP SIGNATURE-----


------------=_1375789528-3002-16
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1375789528-3002-16--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung