From c51ea5d67658b80cf315b38f4a1ae184c534dbb4 Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Thu, 31 May 2007 18:40:36 +0000 Subject: release samba DTSA git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5952 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- data/DTSA/advs/41-samba.adv | 4 +- data/DTSA/list | 3 ++ website/DTSA/DTSA-41-1.html | 105 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 website/DTSA/DTSA-41-1.html diff --git a/data/DTSA/advs/41-samba.adv b/data/DTSA/advs/41-samba.adv index 5f16c25f23..e48f2eda59 100644 --- a/data/DTSA/advs/41-samba.adv +++ b/data/DTSA/advs/41-samba.adv @@ -1,12 +1,12 @@ source: samba -date: May 22th, 2007 +date: May 31th, 2007 author: Stefan Fritsch vuln-type: several vulnerabilities problem-scope: remote debian-specifc: no cve: CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 vendor-advisory: -testing-fix: 3.0.24-6+lenny2 +testing-fix: 3.0.24-6+lenny3 sid-fix: 3.0.25-1 upgrade: apt-get upgrade diff --git a/data/DTSA/list b/data/DTSA/list index 97ac9d8bd2..a085d1d478 100644 --- a/data/DTSA/list +++ b/data/DTSA/list @@ -110,3 +110,6 @@ [May 28th, 2007] DTSA-40-1 php4 - several vulnerabilities {CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1583 CVE-2007-1718 CVE-2007-1777 CVE-2007-2509 } [lenny] - php4 6:4.4.4-9+lenny1 +[May 31th, 2007] DTSA-41-1 samba - several vulnerabilities + {CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 } + [lenny] - samba 3.0.24-6+lenny3 diff --git a/website/DTSA/DTSA-41-1.html b/website/DTSA/DTSA-41-1.html new file mode 100644 index 0000000000..1759840e34 --- /dev/null +++ b/website/DTSA/DTSA-41-1.html @@ -0,0 +1,105 @@ + + + Debian testing security team - Advisory + + + + +
+ + + + + Debian Project +
+
+ + + + + + + + + + + +
+ Debian testing security team - Advisory +
+ + +
+ + +

DTSA-41-1

+
+
Date Reported:
+
May 31th, 2007
+
Affected Package:
+
samba
+
Vulnerability:
+
several vulnerabilities
+
Problem-Scope:
+
remote
+
Debian-specific:
+
No
+
CVE:
+
+CVE-2007-2444 +CVE-2007-2446 +CVE-2007-2447 +
+
More information:
+
Several issues have been identified in Samba, the SMB/CIFS file- and 
+print-server implementation for GNU/Linux. 

+CVE-2007-2444  

+When translating SIDs to/from names using Samba local list of user and group 
+accounts, a logic error in the smbd daemon's internal security stack may result 
+in a transition to the root user id rather than the non-root user. The user is 
+then able to temporarily issue SMB/CIFS protocol operations as the root user. 
+This window of opportunity may allow the attacker to establish addition means 
+of gaining root access to the server. 

+CVE-2007-2446  

+Various bugs in Samba's NDR parsing can allow a user to send specially crafted 
+MS-RPC requests that will overwrite the heap space with user defined data. 

+CVE-2007-2447  

+Unescaped user input parameters are passed as arguments to /bin/sh allowing for 
+remote command execution. 
+
+
For the testing distribution (lenny) this is fixed in version 3.0.24-6+lenny3
+
For the unstable distribution (sid) this is fixed in version 3.0.25-1
+
This upgrade is strongly recommended if you use samba.
+
If you have the secure testing lines in your sources.list, you can update by running this command as root:
+ +
apt-get update && apt-get upgrade
+
+ +
+
To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:
+
+
deb http://security.debian.org/ testing/updates main contrib non-free
+
deb-src http://security.debian.org/ testing/updates main contrib non-free
+
+ + +
+ + Valid HTML 4.01! + + Valid CSS! + + + + -- cgit v1.2.3
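Review bot: in the data/DTSA/advs/41-samba.adv hunk the new `date:` value reads `May 31th, 2007`; the ordinal should be `May 31st, 2007`. While touching this file, two nearby points are worth fixing: the unchanged context key `debian-specifc:` is misspelled (`debian-specific:`), and `vendor-advisory:` is still empty, so the advisory carries no upstream reference for the three CVEs it lists.

Review bot: the data/DTSA/list hunk repeats the same `[May 31th, 2007]` ordinal; use `[May 31st, 2007]` to match the style of the preceding entry (`[May 28th, 2007]`). The CVE set `{CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 }` and the fixed version `samba 3.0.24-6+lenny3` agree with the .adv file, which is what the list is meant to mirror.

Review bot: the new website/DTSA/DTSA-41-1.html repeats `May 31th, 2007` under Date Reported and has two wording slips in the CVE-2007-2444 text: `using Samba local list of user and group accounts` should be `using Samba's local list`, and `establish addition means of gaining root access` should be `additional means`. The CVE-2007-2447 paragraph states that unescaped user input is passed to /bin/sh but does not say which smb.conf settings do so, so an administrator reading the advisory cannot judge whether their configuration is exposed before the upgrade lands; name the affected settings or point at the upstream description.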