LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: Samba vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that Samba did not properly perform bounds checking in certain operations. A remote attacker could possibly exploit this to read arbitrary memory contents of the smb process, which could contain sensitive infomation or possibly have other impacts, such as a denial of service.
===========================================================
Ubuntu Security Notice USN-680-1          November 27, 2008
samba vulnerability
CVE-2008-4314
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  samba                           2:3.2.3-1ubuntu3.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Samba did not properly perform bounds checking
in certain operations. A remote attacker could possibly exploit this to
read arbitrary memory contents of the smb process, which could contain
sensitive infomation or possibly have other impacts, such as a denial of
service.


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.3.diff.gz
      Size/MD5:   228354 f83899fe1c0310461296b328ad6bfd8a
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.3.dsc
      Size/MD5:     1902 bddef52582baae072593399147119e19
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3.orig.tar.gz
      Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.2.3-1ubuntu3.3_all.deb
      Size/MD5:  6261250 3cba32a86b765dfea7077fa0ef8a3672
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.2.3-1ubuntu3.3_all.deb
      Size/MD5:  7954632 af31dc4ce959b1a05be7944262bb460a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:   638612 859812590427a224dec70dc759d818c3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1968518 6ab7366368c73cb7f946a28e1d20ad2c
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1370096 9582a74126b77e3f869f42e5c0379e6f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:    88960 23c38ec3c526226430c1173f5c50ac47
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  3815516 e3c4879c048360a4daa5abccd509d029
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1993296 0abd10cc0387017d20dfadfa24f190fd
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  5802316 417b6dca7b8e975b3acac82e4c58bf14
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  4908438 1f5a980c1c5d2f9d88ea3094299f5387
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  7173420 abba71e4d522228c21dc69192ab3cd54
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1529316 51431c5d7a5f197af8afcc09517a399d
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  1112612 7cd0400093eb599cba999997ed5fae88
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_amd64.deb
      Size/MD5:  3349842 f7d99beef190cf414929348909a804df

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:   573952 859f986a3de794cf5ed27dd389ee5af4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  1844424 30c0faf257433a05bfb52b9bea4865e3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  1217612 a5a83d72421dbb1515664ede686c12b0
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:    87500 fd76021d354c819a59785feccc4d33ea
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  3459318 afe074065bb487232a2225bef9b190e3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  2077272 acf1cad8b773d7ad2a72491c8d4422af
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  5161222 28214840e0f4335658d203c8746a6f94
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  4368894 1bf3bef3fbe5b302ec646a00d1c06bfe
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  6402702 d9e0653f05f4ec133e52560ee6f50946
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  1375852 8a134dc464ab4ffed997918f6b3206be
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  1006506 02f42b331a7fb36a0642a37cb1fe68b3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_i386.deb
      Size/MD5:  2975264 11b04715205be1568369645b83e33636

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:   553626 f5c3dce8e75a3b2830c0060286302d16
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  1769074 0982655253fa1150bc65aee04d3e8dde
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  1160830 e9a8e86dd90a0002ccb11e4edba9361a
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:    86950 5820ad4178a4bcc540b450dc04a22249
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  3328568 b2b7ad364090ad386190585312866a26
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  2069634 1b7c75e44b5fc2e493e588973070437d
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  4949830 c8521b495f15ed0bff9adbc14d60048c
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  4197320 3f8e36ba5e4b1eea985592e29899b363
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  6136768 72a65ce1b83ea7d47577bc6d5e0a2eda
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  1317110 321bdeeb2b86304c127808ea96ec1c5a
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:   968290 4727bed25a79e31cad479372e2fc7642
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_lpia.deb
      Size/MD5:  2855842 fc0f25c386587abc402bbf21641c6d59

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:   606438 02c15552b12b7628b0b2aaf1489d639c
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  1730286 81ec2b2edd4b2bc80b0ef2840cb0a7d8
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  1255004 e01291af6798ff5c11a64b9787e8fdfc
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:    88902 14c7c4184eb595364872552e92969a68
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  3600158 08f75422765fc166c3b52d76e3ee3975
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  2058508 98110429e0addce3671bc3752687765b
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  5474700 fedc748ab8921bcab6a8c43f32dc1155
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  4639906 0a9141a34e4e7b4562ac9ac377b6f346
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  6653490 030bbc895d8cd8d6c7a77362d46cbf11
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  1417392 3a8a72968d94cd30997d9e7df003e4a0
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  1046090 e9e435264613362d54c3992811163638
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_powerpc.deb
      Size/MD5:  3122962 5796717921a7f8fc6ed4953f0060164f

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:   592598 f16838642c3e5671ae85740b83872e3c
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  2008144 aa0f3ceb8e34e4563c799e04d91503b5
    http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  1215988 3377b235769c891b5ad54ec0a92cc0e9
    http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:    87522 3ece3744e0724f32a9944f42f2e6ef74
    http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  3501358 fd3fcb79e4510295ca1e60e5d988143e
    http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  2007530 f70762bdf8e0d52ef368591208b3ed15
    http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  5327728 863297237833a73d8de68ab2f17d044b
    http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  4502036 47a9306d4265522b980ae835fd711697
    http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  6448006 8aeae36c0d511196a6bbbe3bfcf78370
    http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  1371010 777c03deb6f03eb87a500b95af21a5c6
    http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  1019660 95a8a0591ba092a066ce2789644ed538
    http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.3_sparc.deb
      Size/MD5:  3028816 eaae5c19dff7595cdc553106879621c7



--=-ATOrbRjUE+KJweMWF8u2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkkurT0ACgkQLMAs/0C4zNprAwCfS9EmSnn7rED11SKj4TF9gu+r
1bAAoL+/Aaazb+9XscnLWTpDsO1Yj+TM
=WrIZ
-----END PGP SIGNATURE-----

--=-ATOrbRjUE+KJweMWF8u2--



--=============="75962822178666333=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--=============="75962822178666333==--
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
How Cops and Hackers Could Abuse California’s New Phone Kill-Switch Law
Why Russian hackers are beating us
DQ Breach? HQ Says No, But Would it Know?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.