Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: samba security update



> -----Original Message-----
> From: enterprise-watch-list-bounces@xxxxxxxxxx 
> [mailto:enterprise-watch-list-bounces@xxxxxxxxxx] On Behalf 
> Of bugzilla@xxxxxxxxxx
> Sent: Monday, May 14, 2007 7:22 PM
> To: enterprise-watch-list@xxxxxxxxxx
> Subject: [RHSA-2007:0354-01] Critical: samba security update
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - 
> ---------------------------------------------------------------------
>                    Red Hat Security Advisory
> 
> Synopsis:          Critical: samba security update
> Advisory ID:       RHSA-2007:0354-01
> Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0354.html
> Issue date:        2007-05-14
> Updated on:        2007-05-14
> Product:           Red Hat Enterprise Linux
> CVE Names:         CVE-2007-2446 CVE-2007-2447 
> - 
> ---------------------------------------------------------------------
> 
> 1. Summary:
> 
> Updated samba packages that fix several security flaws are 
> now available.
> 
> This update has been rated as having critical security impact 
> by the Red
> Hat Security Response Team.
> 
> 2. Relevant releases/architectures:
> 
> Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
> Red Hat Linux Advanced Workstation 2.1 - ia64
> Red Hat Enterprise Linux ES version 2.1 - i386
> Red Hat Enterprise Linux WS version 2.1 - i386
> Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, 
> s390, s390x, x86_64
> Red Hat Desktop version 3 - i386, x86_64
> Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
> Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
> Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, 
> s390, s390x, x86_64
> Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
> Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
> Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
> Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
> Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, 
> s390x, x86_64
> 
> 3. Problem description:
> 
> Samba provides file and printer sharing services to SMB/CIFS clients.
> 
> Various bugs were found in NDR parsing, used to decode MS-RPC 
> requests in
> Samba.  A remote attacker could have sent carefully crafted requests
> causing a heap overflow, which may have led to the ability to execute
> arbitrary code on the server.  (CVE-2007-2446)
> 
> Unescaped user input parameters were being passed as 
> arguments to /bin/sh.
> A remote, authenticated, user could have triggered this flaw 
> and executed
> arbitrary code on the server.  Additionally, on Red Hat 
> Enterprise Linux 5
> only, this flaw could be triggered by a remote unauthenticated user if
> Samba was configured to use the non-default "username map 
> script" option. 
> (CVE-2007-2447)
> 
> Users of Samba should upgrade to these packages, which 
> contain backported
> patches to correct these issues.  After upgrading, Samba should be
> restarted using "service smb restart"
> 
> On Red Hat Enterprise Linux 5 the impact of these issues is reduced as
> Samba is constrained by the default SELinux "targeted" policy.
> 
> Red Hat would like to thank the Samba developers, TippingPoint, and
> iDefense for reporting these issues.
> 
> 4. Solution:
> 
> Before applying this update, make sure that all previously-released
> errata relevant to your system have been applied.
> 
> This update is available via Red Hat Network. Details on how to use
> the Red Hat Network to apply this update are available at
> http://kbase.redhat.com/faq/FAQ_58_10188
> 
> 5. Bug IDs fixed (http://bugzilla.redhat.com/):
> 
> 239429 - CVE-2007-2446 samba heap overflows
> 239774 - CVE-2007-2447 samba code injection
> 
...
> 
> 7. References:
> 
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
> http://www.samba.org/samba/security/CVE-2007-2447.html
> http://www.samba.org/samba/security/CVE-2007-2446.html
> http://www.redhat.com/security/updates/classification/#critical
> 
> 
> Copyright 2007 Red Hat, Inc.



 




Copyright © Lexa Software, 1996-2009.