Debian: DSA 280-1 Critical: Samba Buffer Overflow Remote Access
debian
April 7, 2003
There is a vulnerability that can lead to an anonymous user gaining root access on a Samba serving system.
Summary
Digital Defense, Inc. has alerted the Samba Team to a serious
vulnerability in, a LanManager-like file and printer server for Unix.
This vulnerability can lead to an anonymous user gaining root access
on a Samba serving system. An exploit for this problem is already
circulating and in use.
Since the packags for potato are quite old it is likely that they
contain more security-relevant bugs that we know of. You are
therefore advised to upgrade your systems running Samba to woody
soon.
Unofficial backported packages from the Samba maintainers for version
2.2.8 of Samba for woody are available at
< > and
< >.
For the stable distribution (woody) this problem has been fixed in
version 2.2.3a-12.3.
For the old stable distribution (potato) this problem has been fixed in
version 2.0.7-5.1.
The unstable distribution (sid) is not affected since it contains
version 3.0 packages already.
We recommend that you upgrade your Samba packages immediately.
Upgrade Instructions
- --------------------
wget url
wil...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: samba
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!