Debian: 2.1 Advisory Critical: DoS Threat in Samba Update
debian
December 13, 1999
The version of samba as distributed in Debian GNU/Linux 2.1 has a couple ofsecurity problems:* a Denial-of-Service attack against nmbd was possible* it was possible to exploit smbd...
Topics Covered
Summary
The version of samba as distributed in Debian GNU/Linux 2.1 has a couple of
security problems:
* a Denial-of-Service attack against nmbd was possible
* it was possible to exploit smbd if you had a message command defined
which used the %f or %M formatter.
* smbmnt's check to see if a user is allowed to create a mount was flawed
which allowed users to mount at arbitraty mountpoints in the filesystem
These problems have been fixed in version 2.0.5a-1. We recommend you upgrade
your samba packages immediately.
Please note that this is a major upgrade so please be careful when you upgrade
since some changes to the configuration file might be necessary. The
configuration
file also moved to a new location (/etc/samba).
The smbfsx package is also obsolete with this update and has been replaced by
smbfs, which can handle both 2.0 and 2.2 kernels now.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
This version of Deb...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!