Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Scientific Linux: Samba Update For CVE-2008-1105 Critical Buffer Overflow

Scientific Large Esm H446
Critical: samba security and bug fix update
Date: Wed, 28 May 2008 15:36:29 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for samba on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis: Critical: samba security and bug fix update
Issue date: 2008-05-28
CVE Names: CVE-2008-1105

A heap-based buffer overflow flaw was found in the way Samba clients handle
over-sized packets. If a client connected to a malicious Samba server, it
was possible to execute arbitrary code as the Samba client user. It was
also possible for a remote user to send a specially crafted print request
to a Samba server that could result in the server executing the vulnerable
client code, resulting in arbitrary code execution with the permissions of
the Samba server. (CVE-2008-1105)

This update also addresses two issues which prevented Samba from joining
certain Windows domains with tightened security policies, and prevented
certain signed SMB content from working as expected:

* when some Windows=AE 2000-based domain controllers were set to use
mandatory signing, Samba clients would drop the connection because of an
error when generating signatures. This presented as a "Server packet had
invalid SMB signature" error to the Samba client. This update corrects the
signature generation error.

* Samba servers using the "net ads join" command to connect to a Windows
Server=AE 2003-based domain would fail with "failed to get schannel session
key from server" and "NT_STATUS_ACCESS_DENIED" errors. This update
correctly binds to the NETLOGON share, allowing Samba servers to connect to
the domain properly.

SL 5.x

 SRPMS:
samba-3.0.28-1.el5_2.1.src.rpm
 i386:
samba-3.0.28-1.el5_2.1.i386.rpm
samba-client-3.0.28-1.el5_2.1.i386.rpm
samba-common-3.0.28-1.el5_2.1.i386.rpm
samba-swat-3.0.28-1.el5_2.1.i386.rpm
 x86_64:
samba-3.0.28-1.el5_2.1.x86_64.rpm
samba-client-3.0.28-1.el5_2.1.x86_64.rpm
samba-common-3.0.28-1.el5_2.1.i386.rpm
samba-common-3.0.28-1.el5_2.1.x86_64.rpm
samba-swat-3.0.28-1.el5_2.1.x86_64.rpm

-Connie Sieh
-Troy Dawson
lastline