Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

Debian Lenny DSA-2004-1 Moderate: Samba Local Issues Fixed

debian
Calendar Grey February 28, 2010
Scroller Debian
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------
Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix

Summary

Two local vulnerabilities have been discovered in samba, a SMB/CIFS file,
print, and login server for Unix. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2009-3297

Ronald Volgers discovered that a race condition in mount.cifs
allows local users to mount remote filesystems over arbitrary
mount points.

CVE-2010-0547

Jeff Layton discovered that missing input sanitising in mount.cifs
allows denial of service by corrupting /etc/mtab.

For the stable distribution (lenny), these problems have been fixed in
version 2:3.2.5-4lenny9.

For the unstable distribution (sid), these problems have been fixed in
version 2:3.4.5~dfsg-2.

We recommend that you upgrade your samba packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the int...

Read the Full Advisory

Package: samba

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.