Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: Samba vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that Samba did not properly perform bounds checking in certain operations. A remote attacker could possibly exploit this to read arbitrary memory contents of the smb process, which could contain sensitive infomation or possibly have other impacts, such as a denial of service.
Ubuntu Security Notice USN-680-1          November 27, 2008
samba vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  samba                           2:3.2.3-1ubuntu3.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Samba did not properly perform bounds checking
in certain operations. A remote attacker could possibly exploit this to
read arbitrary memory contents of the smb process, which could contain
sensitive infomation or possibly have other impacts, such as a denial of

Updated packages for Ubuntu 8.10:

  Source archives:
      Size/MD5:   228354 f83899fe1c0310461296b328ad6bfd8a
      Size/MD5:     1902 bddef52582baae072593399147119e19
      Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35

  Architecture independent packages:
      Size/MD5:  6261250 3cba32a86b765dfea7077fa0ef8a3672
      Size/MD5:  7954632 af31dc4ce959b1a05be7944262bb460a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   638612 859812590427a224dec70dc759d818c3
      Size/MD5:  1968518 6ab7366368c73cb7f946a28e1d20ad2c
      Size/MD5:  1370096 9582a74126b77e3f869f42e5c0379e6f
      Size/MD5:    88960 23c38ec3c526226430c1173f5c50ac47
      Size/MD5:  3815516 e3c4879c048360a4daa5abccd509d029
      Size/MD5:  1993296 0abd10cc0387017d20dfadfa24f190fd
      Size/MD5:  5802316 417b6dca7b8e975b3acac82e4c58bf14
      Size/MD5:  4908438 1f5a980c1c5d2f9d88ea3094299f5387
      Size/MD5:  7173420 abba71e4d522228c21dc69192ab3cd54
      Size/MD5:  1529316 51431c5d7a5f197af8afcc09517a399d
      Size/MD5:  1112612 7cd0400093eb599cba999997ed5fae88
      Size/MD5:  3349842 f7d99beef190cf414929348909a804df

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   573952 859f986a3de794cf5ed27dd389ee5af4
      Size/MD5:  1844424 30c0faf257433a05bfb52b9bea4865e3
      Size/MD5:  1217612 a5a83d72421dbb1515664ede686c12b0
      Size/MD5:    87500 fd76021d354c819a59785feccc4d33ea
      Size/MD5:  3459318 afe074065bb487232a2225bef9b190e3
      Size/MD5:  2077272 acf1cad8b773d7ad2a72491c8d4422af
      Size/MD5:  5161222 28214840e0f4335658d203c8746a6f94
      Size/MD5:  4368894 1bf3bef3fbe5b302ec646a00d1c06bfe
      Size/MD5:  6402702 d9e0653f05f4ec133e52560ee6f50946
      Size/MD5:  1375852 8a134dc464ab4ffed997918f6b3206be
      Size/MD5:  1006506 02f42b331a7fb36a0642a37cb1fe68b3
      Size/MD5:  2975264 11b04715205be1568369645b83e33636

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   553626 f5c3dce8e75a3b2830c0060286302d16
      Size/MD5:  1769074 0982655253fa1150bc65aee04d3e8dde
      Size/MD5:  1160830 e9a8e86dd90a0002ccb11e4edba9361a
      Size/MD5:    86950 5820ad4178a4bcc540b450dc04a22249
      Size/MD5:  3328568 b2b7ad364090ad386190585312866a26
      Size/MD5:  2069634 1b7c75e44b5fc2e493e588973070437d
      Size/MD5:  4949830 c8521b495f15ed0bff9adbc14d60048c
      Size/MD5:  4197320 3f8e36ba5e4b1eea985592e29899b363
      Size/MD5:  6136768 72a65ce1b83ea7d47577bc6d5e0a2eda
      Size/MD5:  1317110 321bdeeb2b86304c127808ea96ec1c5a
      Size/MD5:   968290 4727bed25a79e31cad479372e2fc7642
      Size/MD5:  2855842 fc0f25c386587abc402bbf21641c6d59

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   606438 02c15552b12b7628b0b2aaf1489d639c
      Size/MD5:  1730286 81ec2b2edd4b2bc80b0ef2840cb0a7d8
      Size/MD5:  1255004 e01291af6798ff5c11a64b9787e8fdfc
      Size/MD5:    88902 14c7c4184eb595364872552e92969a68
      Size/MD5:  3600158 08f75422765fc166c3b52d76e3ee3975
      Size/MD5:  2058508 98110429e0addce3671bc3752687765b
      Size/MD5:  5474700 fedc748ab8921bcab6a8c43f32dc1155
      Size/MD5:  4639906 0a9141a34e4e7b4562ac9ac377b6f346
      Size/MD5:  6653490 030bbc895d8cd8d6c7a77362d46cbf11
      Size/MD5:  1417392 3a8a72968d94cd30997d9e7df003e4a0
      Size/MD5:  1046090 e9e435264613362d54c3992811163638
      Size/MD5:  3122962 5796717921a7f8fc6ed4953f0060164f

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   592598 f16838642c3e5671ae85740b83872e3c
      Size/MD5:  2008144 aa0f3ceb8e34e4563c799e04d91503b5
      Size/MD5:  1215988 3377b235769c891b5ad54ec0a92cc0e9
      Size/MD5:    87522 3ece3744e0724f32a9944f42f2e6ef74
      Size/MD5:  3501358 fd3fcb79e4510295ca1e60e5d988143e
      Size/MD5:  2007530 f70762bdf8e0d52ef368591208b3ed15
      Size/MD5:  5327728 863297237833a73d8de68ab2f17d044b
      Size/MD5:  4502036 47a9306d4265522b980ae835fd711697
      Size/MD5:  6448006 8aeae36c0d511196a6bbbe3bfcf78370
      Size/MD5:  1371010 777c03deb6f03eb87a500b95af21a5c6
      Size/MD5:  1019660 95a8a0591ba092a066ce2789644ed538
      Size/MD5:  3028816 eaae5c19dff7595cdc553106879621c7

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

Version: GnuPG v1.4.9 (GNU/Linux)



--=============="75962822178666333=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

ubuntu-security-announce mailing list
Modify settings or unsubscribe at:

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.