Ubuntu: Samba regression
Posted by Benjamin D. Thomas   
Ubuntu USN-460-1 fixed several vulnerabilities in Samba. The upstream changes for CVE-2007-2444 had an unexpected side-effect in Feisty. Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. (CVE-2007-2444)
=========================================================== 
Ubuntu Security Notice USN-460-2               May 22, 2007
samba regression
http://bugs.debian.org/424629
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  samba                                    3.0.24-2ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-460-1 fixed several vulnerabilities in Samba.  The upstream changes 
for CVE-2007-2444 had an unexpected side-effect in Feisty.  Shares 
configured with the "force group" option no longer behaved correctly.  
This update corrects the problem.  We apologize for the inconvenience.
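
To find the shares this regression touches, the following added example (not part of the advisory or of Samba) lists every section of an smb.conf that sets "force group", so those shares can be re-tested after the upgrade. The sample configuration is constructed, and the parser assumes only the basic smb.conf rules: `;`/`#` comments, backslash line continuation, case- and whitespace-insensitive parameter names, and `group` as the synonym of `force group`.

```python
import re

# Constructed sample smb.conf for this example (not taken from the advisory).
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE

[projects]
   path = /srv/projects
   Force Group = +staff
   valid users = alice, bob \\
                 carol

[public]
   path = /srv/public
   # force group = nobody

[scans]
   path = /srv/scans
   group = scanner
"""

def _norm(name):
    # smb.conf ignores case and whitespace in parameter names.
    return re.sub(r"\s+", "", name).lower()

def shares_with_force_group(text):
    """Return {section: value} for each section that sets "force group"."""
    found, section, pending = {}, None, ""
    for raw in text.splitlines():
        stripped = raw.strip()
        if not pending and (not stripped or stripped[0] in ";#"):
            continue                      # blank line or comment
        line = pending + stripped
        pending = ""
        if line.endswith("\\"):           # trailing backslash continues the line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        name, sep, value = line.partition("=")   # only the first "=" is significant
        # "group" is the documented synonym of "force group".
        if sep and section and _norm(name) in ("forcegroup", "group"):
            found[section] = value.strip()
    return found

if __name__ == "__main__":
    for share, group in shares_with_force_group(SAMPLE_SMB_CONF).items():
        print(f"[{share}] force group = {group}")
```

A "force group" line in [global] is reported as well, since it sets the default for every share.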

Original advisory details:

 Paul Griffith and Andrew Hogue discovered that Samba did not fully drop 
 root privileges while translating SIDs. A remote authenticated user 
 could issue SMB operations during a small window of opportunity and gain 
 root privileges.  (CVE-2007-2444)


Updated packages for Ubuntu 7.04:

