------------------------------------------------------------------------
Pardus Linux Security Advisory 2009-01 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2009-01-08
Severity: 2
Type: Local
------------------------------------------------------------------------
Summary
=======
A security issue has been reported in Samba, which can be exploited by
malicious users to bypass certain security restrictions.

Description
===========
Samba grants access to the root file system when an authenticated user
connects to a share whose name is an empty string, e.g. by using an
older version of smbclient.

Successful exploitation requires that "registry shares" is enabled.

NOTE: "registry shares" is implicitly set with "include = registry" or
"config backend = registry".
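
A check for the precondition in the NOTE above, added here as an example (it is not part of the Pardus advisory or of Samba). It reports which [global] settings in an smb.conf enable "registry shares", explicitly or implicitly. The function names and sample configurations are constructed, and treating parameters that precede any section header as global is an assumption.

```python
import re

TRUE_VALUES = {"yes", "true", "on", "1"}  # boolean spellings smb.conf accepts


def global_params(conf_text):
    """Yield (name, value) for each parameter in the [global] section."""
    # A line ending in a backslash continues on the next line.
    text = re.sub(r"\\\r?\n", "", conf_text)
    section = "global"  # assumption: parameters before any header are global
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)
            # Parameter names ignore case and embedded whitespace.
            yield "".join(name.split()).lower(), value.strip().lower()


def registry_share_reasons(conf_text):
    """List the settings that turn on "registry shares", explicit or implicit."""
    reasons = []
    explicit = None
    for name, value in global_params(conf_text):
        if name == "registryshares":
            explicit = value  # the last assignment wins
        elif name == "include" and value == "registry":
            reasons.append("include = registry")
        elif name == "configbackend" and value == "registry":
            reasons.append("config backend = registry")
    # Conservative: an implicit trigger is reported even if the explicit value is "no".
    if explicit in TRUE_VALUES:
        reasons.append("registry shares = " + explicit)
    return reasons


# Constructed sample configurations, not taken from any real host.
IMPLICIT = "[global]\n  workgroup = LAB\n  Include = Registry\n[docs]\n  path = /srv/docs\n"
EXPLICIT = "[global]\n; comment\n  Registry  Shares = Yes\n"
CLEAN = "[global]\n  # include = registry\n  registry shares = no\n[x]\n  include = registry\n"

if __name__ == "__main__":
    for label, conf in (("implicit", IMPLICIT), ("explicit", EXPLICIT), ("clean", CLEAN)):
        print(label, registry_share_reasons(conf) or "registry shares not enabled")
```

An empty result means none of the three settings was found in [global]; it says nothing about whether the installed samba package is already updated.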

Affected packages:

  Pardus 2008:
    samba, all before 3.2.7-38-7

Resolution
==========
Updates are available for samba. You can install them via Package
Manager or with a single command from the console:

  pisi up samba

References
==========
* http://bugs.pardus.org.tr/show_bug.cgi?id=8992
* http://us1.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch
------------------------------------------------------------------------
--
Pardus Security Team
http://security.pardus.org.tr