drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in samba
Name: |
Mehrere Probleme in samba |
|
ID: |
DSA-1291-2 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sarge |
|
Datum: |
Do, 17. Mai 2007, 14:36 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447 |
|
Applikationen: |
Samba |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1291-2 security@debian.org http://www.debian.org/security/ Noah Meyerhans May 15, 2007 - ------------------------------------------------------------------------
Package : samba Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-2446 CVE-2007-2447
This update to DSA-1291 covers the old stable version of Debian, 3.1 (sarge). The current stable distribution, 4.0 (etch) was updated previously.
Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux.
CVE-2007-2446 Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data.
CVE-2007-2447 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution
For the old stable distribution (sarge), these problems have been fixed in version 3.0.14a-3sarge6
We recommend that you upgrade your samba package.
Upgrade instructions - --------------------
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian 3.1 (oldstable) - ----------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
Source archives:
samba_3.0.14a-3sarge6.diff.gz Size/MD5 checksum: 122946 4f8326351368c07b9ff7e4925f65bc64 samba_3.0.14a.orig.tar.gz Size/MD5 checksum: 15605851 ebee37e66a8b5f6fd328967dc09088e8 samba_3.0.14a-3sarge6.dsc Size/MD5 checksum: 1081 c3bcc5438c9dc922f5ac9bc75bf825cb
Architecture independent packages:
samba-doc_3.0.14a-3sarge6_all.deb Size/MD5 checksum: 12117076 75895a83ad2be113b383bdf4d5f16c24
alpha architecture (DEC Alpha)
samba_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 3128680 fdc226d93c10ffb386b3c9bcff83314e smbclient_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 3251018 e3eb57b061d45bc4fd20083292cf2075 samba-dbg_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 20269380 bf7af04d9d769277c42e004fafd908a1 python2.3-samba_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 5237292 ca9d898183187b3db37131b8be456c65 libsmbclient_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 659878 4b35df8ced7e2aea0080c1aed7c0f9eb swat_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 4223662 5401c52bda1aee10d4c919b794c69f9a libsmbclient-dev_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 1015318 dadfd640543ef97d00b438d2e6c6cab9 libpam-smbpass_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 402080 6025f427e4f2079a9a3c0d38ccff2590 samba-common_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 2408536 f3dc91c30a136ccc0258fb46717d1100 smbfs_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 459420 47640a2054996e789d30e4b87bd89dfe winbind_3.0.14a-3sarge6_alpha.deb Size/MD5 checksum: 1824256 c8318790e5753f909c1357077a1aa9e7
amd64 architecture (AMD x86_64 (AMD64))
smbfs_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 410744 71f863e69b711158d0554b9ab0bdea91 samba-common_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 2194602 d7fdf1b2bbc022c2c28f2fc144150423 samba_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 2809708 1c458a57b0d71ce87c351604b1b09a56 smbclient_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 2867578 6fe353c5220415d216c226752380ad92 python2.3-samba_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 5201452 73c761829c2028d8d6cd1d0a8bb9b928 swat_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 4122944 03995b1619ebffc05601b55bb3e869f5 libsmbclient-dev_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 795870 b0d51fd313d908298961395772ef99fa libsmbclient_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 599934 847f20d894b61f575528e2e6f6898548 winbind_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 1651498 e250dc0f25b07079f1b9c833bfd8a1d4 libpam-smbpass_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 381356 431107c30553acd4f5637e72c8f2c26a samba-dbg_3.0.14a-3sarge6_amd64.deb Size/MD5 checksum: 6490828 34d990ccb6b1b48e3d61d10df992ad84
arm architecture (ARM)
samba_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 2558752 841332d7eff8b8f1416d5749075d80b8 samba-common_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 2010338 e3c136a12ddefbe00917a28f4ab2654c libpam-smbpass_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 341592 2305704f6250b2edd2a45df0cd5c1815 smbfs_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 376050 b0d1d9de768403b6fa3831f2ceefe5a1 swat_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 4064504 66256fbb01e48dddefbcafda6bf7f728 python2.3-samba_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 4649064 231acbdc63203063cfda4c1aace344b7 winbind_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 1484410 6c45402cb53b5e2133bd1aa3fef39fc1 libsmbclient-dev_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 823012 d4ba7d8848eb04177cd35800bc1fcd41 smbclient_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 2598164 46427726913eb28866fd746189c73c22 libsmbclient_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 544988 c8b5d252a6e9da10e4fb9978a74e2eee samba-dbg_3.0.14a-3sarge6_arm.deb Size/MD5 checksum: 6666782 dfa95b7f0526948b88e9dfd131d1f05c
hppa architecture (HP PA RISC)
smbfs_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 417204 6aad398b42d7e937ee7f85922f25b36e libsmbclient_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 644022 817df944f0b763bd1fbc7ec53de09ae8 winbind_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 1691330 969db308415104350a39677cba2c3457 libsmbclient-dev_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 895006 6315efe06f7f1a2c500b74cbdee2b7af libpam-smbpass_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 404068 cc8cbd0825b730f531b1fa3d46408ebb smbclient_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 2917062 d5ed7631a01252410e69a41588283247 samba-common_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 2216138 c5e805c7267967b62058868e901a0acb python2.3-samba_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 5552058 fd743858d77e5fd5a044db4686b5d0c4 swat_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 4134882 6008872c967aaa32c1047689cf6a5b78 samba_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 2866374 c94110770a67b05eeeed4adc86d0f416 samba-dbg_3.0.14a-3sarge6_hppa.deb Size/MD5 checksum: 6469082 b94de6b7e6b499288a78206f3722e6a8
i386 architecture (Intel ia32)
swat_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 4059030 e90fd2bf75afc2571ab0b6b86f34abc7 smbfs_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 370796 1648054136295986f00048e07c861e8a libpam-smbpass_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 347478 489604b1c715e836a1e64f3d48db16e5 samba-dbg_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 6678150 48ec7bb648ec804625f3eb7e14b65900 python2.3-samba_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 4744328 bedc594807490934c9d415e73c683f7f samba-common_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 2007068 7d76ea95b261c395799bd3ccc0a7cc3a libsmbclient-dev_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 737268 98bfe76a1291310ab473c1b302af14c0 winbind_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 1484096 a8aa1003a42b5a168be74c6efc98dd88 samba_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 2554240 82e96c6c31f35a698c0701889f2d76f3 smbclient_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 2566558 d30b83341b53754e875f580c56357056 libsmbclient_3.0.14a-3sarge6_i386.deb Size/MD5 checksum: 549188 a4d2711596e34cfcf4babd6e1a5308b8
ia64 architecture (Intel ia64)
libsmbclient_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 754684 293e11b397ac9eb32f15d5aab691aff3 libpam-smbpass_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 473240 fe4150c635fa517b0f2aebd783799c10 samba_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 3817758 5f8f53ba7b8ec836eb6cc8b6e0fb731c winbind_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 2212786 ded6e5762e0f377a0f8c9cbff28a719d swat_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 4362502 3e2e4e03d606ac7a181c7759e4938384 libsmbclient-dev_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 1035496 260aae25622eabda48c16921d72b25a0 smbclient_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 3924906 8b89883eeaf0a56abb03eb463c292412 samba-common_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 2854988 597968f7acc92b82c6f17c81af6bce7d samba-dbg_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 675066 ba723c5c04022ca32460e730b81dd813 smbfs_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 548102 1ab76c9bf18dd58d173318756dd5d676 python2.3-samba_3.0.14a-3sarge6_ia64.deb Size/MD5 checksum: 6626906 4f31c6792d8a7ffd5c9537ac4b9f7ca1
m68k architecture (Motorola Mc680x0)
libsmbclient_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 520938 2cd5cda7d355e7455f1020ccffb2d839 libpam-smbpass_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 329972 1b6ce06ff69be51d97fd00dbf5af1b1b samba_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 2223178 2fe0834d6be01470516b5915fe77748c smbfs_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 335120 6a5c9e36624f2b7081034bcce3d35447 swat_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 3973490 86de9bbb717c00db2d6b6176b409af43 smbclient_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 2234712 a24a622f3982744f197d0b0245676a9d python2.3-samba_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 4548744 e69d79c409971910a45f1ed1458dcfbb samba-common_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 1782636 20ea74088904fcb303bb53bb1da4b8fb winbind_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 1314838 2c0ddc296f0899e7373135d80a60fca1 libsmbclient-dev_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 656726 0b0f69d7594b4f633796af6b28eff430 samba-dbg_3.0.14a-3sarge6_m68k.deb Size/MD5 checksum: 6333346 e22172ffc5b708e755cda6ae15737ca0
mips architecture (MIPS (Big Endian))
samba-common_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 2157738 2bb2b32db963fe7314cf6c0c87bb5260 smbclient_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 2824042 884d18263dc77be4752dbbf81198a516 swat_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 4104974 891cea3efbfcb1b5d4bd49210713fead samba_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 2778894 f7e8433c410e5d4ee8282689e3232bb8 libpam-smbpass_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 356680 83abc34808541504ba2eb88d95004c97 python2.3-samba_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 4668928 886bad4338e06f4f4405699521dae558 winbind_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 1605954 c16ee4fbd1aa294feab0ddd819299a03 libsmbclient-dev_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 821674 533cdf1eb4eefd48a8c54e5c3b7bee84 libsmbclient_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 556238 a7d597fc46c1720ac3151ff51b169016 smbfs_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 412396 1e1b09ff4c593641d4682ad23a8fb7dc samba-dbg_3.0.14a-3sarge6_mips.deb Size/MD5 checksum: 6763000 0cec083abea75f5ada12b59d03f7bb21
mipsel architecture (MIPS (Little Endian))
smbclient_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 2819746 261649678421d597d04ff90cae66bb96 libsmbclient-dev_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 813366 559ad8da40e56eaca2ddfdabbf1aff47 smbfs_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 411316 7cfff3bb62a7b63802ca84f64b23662c samba_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 2780008 da8d77ac13a92c3c477fc9965464806b python2.3-samba_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 4654562 c61675536800dd18b9ca4dbbe1342b32 samba-common_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 2153928 f53bfb5aec6ca9d9bddb20e6e94dc1f9 swat_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 4103248 f014649805165e64ead7c72208ec7352 winbind_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 1602988 496d2b9b942ae186d06eed2a5cb4eb36 libpam-smbpass_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 355644 c9b7f2de8b80e21cc29e235d75ba559a samba-dbg_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 6577454 12a0b66d1227d0a1340685ad7da447f2 libsmbclient_3.0.14a-3sarge6_mipsel.deb Size/MD5 checksum: 553974 a1f050713cbf6fe665c3fbe1bad757dd
powerpc architecture (PowerPC)
python2.3-samba_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 5012896 89858637ec9126006671f9c183c980c5 samba_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 2774662 ffca27b98f00de48269ba573a7c7d415 libsmbclient_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 591660 9e8dd1da27f9fff7f6f6c8d128b491bb libsmbclient-dev_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 737272 10ff77cf09402e3a6bf21c7776957c6f winbind_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 1614186 ffebe1adf0ff594f38920c0f0069352c smbclient_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 2826574 df361572386b5f4b0f32b998ca2e8617 smbfs_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 406886 190eb0e71374868ab714137ce4d73c79 samba-dbg_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 6864912 430e437f38e198da16934ab1b608909e libpam-smbpass_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 368528 745ffef64ef68791d02b9dc9e501aded samba-common_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 2156232 036eeab7523998b3e0c122a422aadaf7 swat_3.0.14a-3sarge6_powerpc.deb Size/MD5 checksum: 4112916 fb301d52d77b3ac2b48560e1bd8638f9
s390 architecture (IBM S/390)
python2.3-samba_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 5288018 f70a5ef7cad883589dd767f9c5fd4c08 smbclient_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 2776458 8decbd733fb27f29f35bd907da2683f9 samba-dbg_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 6840734 a41e848412a94ea7e75123b454246c0b libsmbclient-dev_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 797088 587e267beb026ee294e87f9e0a415b27 libsmbclient_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 604388 6d174151e884f52b60dcbd0aebdf8f04 samba_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 2725924 e58591f81d84022ebcaec72339dddf8b swat_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 4093040 1d9de96b0e8f88114629d6ebae316489 libpam-smbpass_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 386128 b96a29176d452eacaaa5ea9ee90bad5e samba-common_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 2124184 c54efd2cdbe3af57b1dacc9d343259e1 smbfs_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 404818 8427840b736995ad0e86eb3101eb6ce0 winbind_3.0.14a-3sarge6_s390.deb Size/MD5 checksum: 1614504 419e09d7823d70ee7e7554b6f2109409
sparc architecture (Sun SPARC/UltraSPARC)
samba_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 2524918 877106ee743173e8e852ff74bbf2f8a5 libpam-smbpass_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 356144 7f54481c83240921ca014cc3b866956b samba-common_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 1979316 2b2e23b8a6e306af8bd59d54c9d87a4f smbclient_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 2544530 fdbcdee922e63cfc506352af03bd5fbc python2.3-samba_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 4864656 2ab6df5285fa19130f75517f17e4918b smbfs_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 371568 a4e67707ab9e4e36abbf84236f4bc2a8 samba-dbg_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 6351842 29979a3a3810d44b2a68fb730052971f winbind_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 1478036 92a656e2f0a25597bf1bb0d1f2c39fd4 libsmbclient-dev_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 796818 62fb2b156cf8a11799ca3aeb0a72a668 swat_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 4057466 91b5469c1de264239a0178cbcf1ad5f1 libsmbclient_3.0.14a-3sarge6_sparc.deb Size/MD5 checksum: 561490 6d5edccbf41e446ebd5028d6ce9dd4e5
These files will probably be moved into the stable distribution on its next update.
- --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGTEnnYrVLjBFATsMRAnGxAJ9v+OtX+3EzrAj2RswWe4VvElOv9ACfVUsi BDKHfEUHdiIlMYa+2Y917ls= =C2Kv -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
|
|
|
|