From sup-info@OPUS.CALDERASYSTEMS.COM Wed Apr 18 23:45:37 2001 From: Caldera Support Information To: BUGTRAQ@SECURITYFOCUS.COM Date: Wed, 18 Apr 2001 13:55:22 -0600 Subject: [BUGTRAQ] Security Advisory: samaba security problems CSSA-2001-015.0 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: samba security problems Advisory number: CSSA-2001-015.0 Issue date: 2001 April, 17 Cross reference: ______________________________________________________________________________ 1. Problem Description During our security audits we found several places within the Samba server code which could lead to a local attacker gaining root access. The Samba 2.0.8 release fixes those problems. This security advisory incorporates the security relevant parts of Samba 2.0.8 into our released Samba packages. 2. Vulnerable Versions System Package ----------------------------------------------------------- OpenLinux 2.3 All packages previous to samba-2.0.5-2 OpenLinux eServer 2.3.1 All packages previous to and OpenLinux eBuilder samba-2.0.5-2S OpenLinux eDesktop 2.4 All packages previous to samba-2.0.6-3 3. Solution Workaround none The proper solution is to upgrade to the latest packages. 4. OpenLinux 2.3 4.1 Location of Fixed Packages The upgrade packages can be found on Caldera's FTP site at: ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/ The corresponding source code package can be found at: ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS 4.2 Verification b227164a57937abb95ee4987e064b23d RPMS/samba-2.0.5-2.i386.rpm 687620f4c6723f4ac0587d2ec400d92c RPMS/samba-doc-2.0.5-2.i386.rpm 52ec815c0046a253ec421e077d649864 RPMS/smbfs-2.0.5-2.i386.rpm f58ff0e28ef804213a6d59d5a5c27bce RPMS/swat-2.0.5-2.i386.rpm 298afd508cca8c55f905e218f4fd071b SRPMS/samba-2.0.5-2.src.rpm 4.3 Installing Fixed Packages Upgrade the affected packages with the following commands: rpm -Fhv *.i386.rpm 5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0 5.1 Location of Fixed Packages The upgrade packages can be found on Caldera's FTP site at: ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/ The corresponding source code package can be found at: ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS 5.2 Verification 49dbe73aa3f5aac7bab7405eb10bd50b RPMS/samba-2.0.5-2S.i386.rpm ce3f447bf9b578b04ab6613b2a07b5ac RPMS/samba-doc-2.0.5-2S.i386.rpm dd6d36e21807938ac8b85b7111326601 RPMS/smbfs-2.0.5-2S.i386.rpm 2b77e8589095d4f662833c0e6f4faf8f RPMS/swat-2.0.5-2S.i386.rpm fa498bef6b081d6db0e46954ff9a28a1 SRPMS/samba-2.0.5-2S.src.rpm 5.3 Installing Fixed Packages Upgrade the affected packages with the following commands: rpm -Fvh *.i386.rpm 6. OpenLinux eDesktop 2.4 6.1 Location of Fixed Packages The upgrade packages can be found on Caldera's FTP site at: ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/ The corresponding source code package can be found at: ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS 6.2 Verification 82bd7ae8bd7bedd2831550819c202ca3 RPMS/samba-2.0.6-3.i386.rpm ab5aca9e66917523f6cf006567195acb RPMS/samba-doc-2.0.6-3.i386.rpm 638999b35b5ff375c00089bf7f332aeb RPMS/smbfs-2.0.6-3.i386.rpm 8f3ef3648ebf3819ca0f48d2d6ab0854 RPMS/swat-2.0.6-3.i386.rpm a4da53d89dd78e35b32521d2630d4fdc SRPMS/samba-2.0.6-3.src.rpm 6.3 Installing Fixed Packages Upgrade the affected packages with the following commands: rpm -Fvh *.i386.rpm 7. References This and other Caldera security resources are located at: http://www.calderasystems.com/support/security/index.html This security fix closes Caldera's internal Problem Report 9736. 8. Disclaimer Caldera Systems is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera OpenLinux. 9. Acknowledgements: Caldera Systems wishes to thank the Samba Team for providing a timely fix to the problem. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE63GHq18sy83A/qfwRAna7AJ9lKN5qN5VEk+p5rj3UdYmkgeiGdwCcDtOs 1fWUKAR+8DW03XP1js/evcc= =WjrL -----END PGP SIGNATURE-----