Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: samba Multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Team   
Debian A buffer overflow and race condition vulnerabilities have been fixed. These vulnerabilities may lead to remote root compromise.

Debian Security Advisory DSA-262-1                                  Wichert Akkerman
March 15, 2003

Package        : samba
Problem type   : remote exploit
Debian-specific: no
CVE ids        : CAN-2003-0085 CAN-2003-0086

Sebastian Krahmer of the SuSE security audit team found two problems
in samba, a popular SMB/CIFS implementation. The problems are:

* a buffer overflow in the SMB/CIFS packet fragment re-assembly code
  used by smbd.  Since smbd runs as root an attacker can use this to
  gain root access to a machine running smbd.

* the code to write reg files was vulnerable for a chown race which made
  it possible for a local user to overwrite system files

Both problems have been fixed in upstream version 2.2.8, and version
2.2.3a-12.1 of package for Debian GNU/Linux 3.0/woody.


Obtaining updates:

  By hand:
    wget URL
        will fetch the file for you.
    dpkg -i FILENAME.deb
        will install the fetched file.

  With apt:
    deb stable/updates main
        added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security webpages


Debian GNU/Linux 2.2 alias potato

  No fixes for potato are available at this moment.

Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel,
  powerpc, s390 and sparc. Updated packages for m68k are not available
  at this moment.

  Source archives:
      Size/MD5 checksum:     1417 f8ba1f1c191d72245498fe8517b34dfb
      Size/MD5 checksum:  5460531 b6ec2f076af69331535a82b586f55254
      Size/MD5 checksum:   105954 c4f722541096dbdc492b3e37d532a457

  Architecture independent packages:
      Size/MD5 checksum:  2446596 09b98f69fe6fa23543824c13c5ef98c5

  alpha architecture (DEC Alpha)
      Size/MD5 checksum:   622740 53102afe9bc7357abaac9e6d163cff15
      Size/MD5 checksum:   600148 cdb00b063309e1bc314c013a2ab7df9d
      Size/MD5 checksum:  1131054 9cf909b0e8b1a71945addbdb0a5b4051
      Size/MD5 checksum:   949532 3310dbdefcc1062ad3d940df6448d106
      Size/MD5 checksum:  1106444 26f1822f7a466d546b8d131e244b9403
      Size/MD5 checksum:  2955638 108a1e79c6e0f4d35d239fa0da5d2af2
      Size/MD5 checksum:   415342 1e0d39fbdd1b4adabc4e83efc9652ade
      Size/MD5 checksum:   489330 4cc41e31ca14bca6c627885bf4158306
      Size/MD5 checksum:  1155752 96fc4d4fba8d5144eca524dab0d3f676

  arm architecture (ARM)
      Size/MD5 checksum:   999684 e9a198658e31008f2029911fa8f3e6c6
      Size/MD5 checksum:   829522 62dec09d61eacb27021e2bd7285a1485
      Size/MD5 checksum:   555796 cf1ed859a65e3918290b046ebb94714e
      Size/MD5 checksum:   460742 b76711eedb3c58557919017bef9b66f3
      Size/MD5 checksum:  1021712 6274000513467291e4e2e636e49e3caa
      Size/MD5 checksum:   546112 1e971721816bd8c5dfdc76e853adc81f
      Size/MD5 checksum:   972556 2b2785914b1de3cd4f5b54a71aafa977
      Size/MD5 checksum:  2541432 52be6e56a2870f7bbb88ed00fb4e6197
      Size/MD5 checksum:   396296 ba0077d84e96b8de2958a1a3d0b0c7ab

  hppa architecture (HP PA RISC)
      Size/MD5 checksum:  2790802 666ba6b6075a9c43d44cee7d66ed654d
      Size/MD5 checksum:   589754 6d80091312fc5a721ab3216785fd8d73
      Size/MD5 checksum:  1081314 09ea41541c03f8e1c7da6a6c3e6bb437
      Size/MD5 checksum:   490812 2757ce04bf7ba705992ef6c5b42da943
      Size/MD5 checksum:  1084730 84eb32632058606e10dfc8b4d7a72552
      Size/MD5 checksum:   589142 df11a8ed279bcc3461ca8a2a08c5e1db
      Size/MD5 checksum:   901054 75e9ed419e91cce810e286f245b7a5ed
      Size/MD5 checksum:   419358 a90c8c66a1370a973a8d757c112704e0
      Size/MD5 checksum:  1059718 c8bcd60bc3d799753215fffd840aec78

  i386 architecture (Intel ia32)
      Size/MD5 checksum:   953846 2ddc41e683b123557c4f95a6d729f650
      Size/MD5 checksum:  2417120 40e0ab43c7c2a05b4321acfe5b3ae92a
      Size/MD5 checksum:   535058 641d95a5c5a27922448fad10b9b8faf5
      Size/MD5 checksum:   930150 ffb594a4b2b89818b05fab828d3cbc2f
      Size/MD5 checksum:   446010 91462c2c5f11ded29d923b1056d4a7f5
      Size/MD5 checksum:   793204 d82a61e9731f157a20f26748e3301b5a
      Size/MD5 checksum:   993054 27c24ec813a504eb098f3c6bff1d0648
      Size/MD5 checksum:   388574 290c9c668bc96ea9d05713e3d6fa0301
      Size/MD5 checksum:   499736 bf6b7464efc203709fee5bcaf5de2f4d

  ia64 architecture (Intel ia64)
      Size/MD5 checksum:  3487288 620b57d229cababb19cf11292343a4f5
      Size/MD5 checksum:   695242 c2801159a9ae051c27507bbc102115b9
      Size/MD5 checksum:  1097430 43756ff78b0400a834b8a818399c2e30
      Size/MD5 checksum:  1328162 1de9184ba777c75e8d64d54cdaeeda21
      Size/MD5 checksum:  1248348 90d5fa39afefc9a48212a9bf06bac0db
      Size/MD5 checksum:  1281494 70a87465a6370a37bb3add200a20d806
      Size/MD5 checksum:   461376 cdc7a75cbe2a4ca4aea3151190f975d4
      Size/MD5 checksum:   553364 373b3d6335bc8898195703be951d2c35
      Size/MD5 checksum:   624498 f3f89a26c5efba738d74edb5a898cac1

  mips architecture (MIPS (Big Endian))
      Size/MD5 checksum:  1027468 fbb755a07a56430713f039b4926ac50d
      Size/MD5 checksum:   569254 a293262cf7c26940df99859b296d4305
      Size/MD5 checksum:  1078026 a149c42542eda0b32ccfb69131e2238c
      Size/MD5 checksum:   910160 4f994a4ed297fb00bc2cd015c26a0cc4
      Size/MD5 checksum:   395814 1b4cd57c7ce2bfbe1fde054ebbd43c8d
      Size/MD5 checksum:   580840 ec476202e7871294587777f2a2c84b8c
      Size/MD5 checksum:  2803220 8ff0254ff5f06a73d2e0ea7da445e897
      Size/MD5 checksum:   459092 5be701b06e8a8cd2743d46e9fc51ff77
      Size/MD5 checksum:  1088036 d0c0c9ee281aacaff919b27f6c9d1b34

  mipsel architecture (MIPS (Little Endian))
      Size/MD5 checksum:  1014748 56509d2718ca53e71f91a4be3abe41ea
      Size/MD5 checksum:  1075490 c225c5f47f3265e7993aa5c8a61263c4
      Size/MD5 checksum:   576358 41e83b24d1397cb8f110b384c7d92abc
      Size/MD5 checksum:   453662 3b167bf61b72b025dde36b128e743c71
      Size/MD5 checksum:  2763676 200e4a3cc98a76029a91660053a8af51
      Size/MD5 checksum:   562180 b9be983799efeebedae75b92cbe0ac1f
      Size/MD5 checksum:   896746 4542a9d8768065507f8f095fced8be53
      Size/MD5 checksum:  1071216 647dff52bda6360f48955a872e58c1af
      Size/MD5 checksum:   391904 d5dfa893c8e6a014b4fbf39c4adada22

  powerpc architecture (PowerPC)
      Size/MD5 checksum:   545998 2189d56eb150c7854160198e2290c92f
      Size/MD5 checksum:   408620 13d6efd82e9c3667219171a4e05eff58
      Size/MD5 checksum:   475424 4ed09f39f249dc22efd38d2e830985b8
      Size/MD5 checksum:  2607232 93845aefa1341db335442745fce21223
      Size/MD5 checksum:   852294 59421f785ec7f732f6db592441d36292
      Size/MD5 checksum:   560704 86cb4acb79c9cbe46564612f04316027
      Size/MD5 checksum:  1021260 4f9d182203cc960d403e3baf6d2ca700
      Size/MD5 checksum:  1036430 8f48a7fae3a659a87980d15eb2e6e31b
      Size/MD5 checksum:  1001326 b3108080930f871f11b6e8e5dd27a9bf

  s390 architecture (IBM S/390)
      Size/MD5 checksum:  2495850 bec14c674dfb41568fafba16a97a811d
      Size/MD5 checksum:  1007974 5b1dc0d8a8bb2ac1c12f0b251227bc51
      Size/MD5 checksum:   982464 dbb0ce460a451678c67f76c6651ce605
      Size/MD5 checksum:   833018 769bfaff5073e6781c22328364f253be
      Size/MD5 checksum:   965494 dc884757e2802825d73a3b96aec742c8
      Size/MD5 checksum:   402948 63a7dd67f7b2a146f605be2caab2c268
      Size/MD5 checksum:   469722 7a118704ee394d6db0341d00b5bea9c3
      Size/MD5 checksum:   537542 ccb4499ae9c39ce6f3062f20f5a2fc5a
      Size/MD5 checksum:   526406 93cfd2a823cdf2b8777f850adcf1b2e4

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5 checksum:   985124 d67741960205804cc13b484faff1cbe1
      Size/MD5 checksum:   400260 f7af05064c5e6a71c4e02508d33166f6
      Size/MD5 checksum:   523622 0263afefd2b8996020606bd24ca31113
      Size/MD5 checksum:  1011064 bc53ee49e2bc41c41ae72728c7de6e40
      Size/MD5 checksum:   829240 23b17ba07f9632b1aa1773475b5efbf3
      Size/MD5 checksum:  2513176 7d3cd01177cb74e80fcba81999420246
      Size/MD5 checksum:   461672 11f5846a4876eb91bd88f8e829803091
      Size/MD5 checksum:   964150 572b0a10fcddd6786c9b5c09d80953f2
      Size/MD5 checksum:   543372 4790b19c4feea9603d444970d61f45b5

Debian Security team <>

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.