Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Ubuntu 6.06 LTS: USN-617-2 Moderate: Samba Regression Denial of Service

Calendar Jun 30, 2008 User Avatar LinuxSecurity Advisories
4 - 7 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate denial of service ubuntu samba regression
Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572) 
=========================================================== 
Ubuntu Security Notice USN-617-2              June 30, 2008
samba regression
CVE-2008-1105, https://bugs.launchpad.net/ubuntu/+source/totem/+bug/241448
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libsmbclient                    3.0.22-1ubuntu3.8

Ubuntu 7.04:
  libsmbclient                    3.0.24-2ubuntu1.7

Ubuntu 7.10:
  libsmbclient                    3.0.26a-1ubuntu2.5

Ubuntu 8.04 LTS:
  libsmbclient                    3.0.28a-1ubuntu4.4

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-617-1 fixed vulnerabilities in Samba. The upstream patch
introduced a regression where under certain circumstances accessing
large files might cause the client to report an invalid packet
length error. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 Samba developers discovered that nmbd could be made to overrun
 a buffer during the processing of GETDC logon server requests.
 When samba is configured as a Primary or Backup Domain Controller,
 a remote attacker could send malicious logon requests and possibly
 cause a denial of service. (CVE-2007-4572)
 
 Alin Rad Pop of Secunia Research discovered that Samba did not
 properly perform bounds checking when parsing SMB replies. A remote
 attacker could send crafted SMB packets and execute arbitrary code.
 (CVE-2008-1105)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:   157652 196d8c9a0a200735dfa689ed2e1d9a54
          Size/MD5:     1195 939b82a27aea77ee5991dea27e7cb622
          Size/MD5: 17542657 5c39505af17cf5caf3d6ed8bab135036

  Architecture independent packages:

          Size/MD5:  6594438 2fb29bdafb2791293e404c2e4d1dd900
          Size/MD5:  6902006 7c4b90a96e27d324fbe9b6dc794fb528

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   426734 734bd91be697e3cae2135196d6c9a965
          Size/MD5:   112626 fb18b31f9d1e4667c6ec060d667953dd
          Size/MD5:   798508 6eaad82261cf086b91ea8a082467ed0c
          Size/MD5:  5974368 3e1cf92f3842b472ae25e6df94e272f7
          Size/MD5:  2414790 14233ad46b4904a07cea5aea65954010
          Size/MD5: 11893378 af74336d7c7ed64270ef1b718b3bf4e1
          Size/MD5:  3404406 e8c8529e0df7d7579bc24d080dcb0602
          Size/MD5:  4042528 4e7a4791d446f51758ddcda2b18c964a
          Size/MD5:   449570 54c844e69f423e84839a1bfdda5d8af3
          Size/MD5:   833370 835d19f03142dcec6467fea142b494f0
          Size/MD5:  1930534 cad1f12491874ac430a25af1cd402d8b

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   366380 2d19d277c4689cdd4483683e9e87895f
          Size/MD5:   112626 3e80697a98ea1506ef8e6fea313ddd57
          Size/MD5:   683396 b75642743efde743f8e549526a649049
          Size/MD5:  5068276 0be4ae16c1a1fe86759421651a6c5b7b
          Size/MD5:  2078242 af68e2826091ef99b6ecc6feb2465812
          Size/MD5:  9811756 4735e780e1f66c26c941a9ba78f6c7d0
          Size/MD5:  2851808 b2e08f523a16d6fd940f79c3c4b68b3c
          Size/MD5:  3353450 9a9358a9da7c754c3088df6f5a6322d3
          Size/MD5:   379616 db510515f4f52745c8b68fc2ce321d70
          Size/MD5:   711632 ad369bb5659ff95b314d69325bf3633d
          Size/MD5:  1609384 4e3cc5fa92fd9fffc7e89229b922ee73

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   410486 83b293835a741fe22d34b6a6670dbc32
          Size/MD5:   112634 fcfad51ea8f9a195cf4279f2ec9e0984
          Size/MD5:   776694 8af9578a5a6d1a9748a2e33c65033436
          Size/MD5:  5692882 6093d446db16c549b5731c3f853e7008
          Size/MD5:  2358972 574c499fa8326a1446c385db6b3e776c
          Size/MD5: 11902934 20d41141a517c2d64a84c5942678a577
          Size/MD5:  3333898 b4c27f84c228d0594389d6940533d0f3
          Size/MD5:  3942468 812fbc8a6ca895d9d0b14ad52608ed93
          Size/MD5:   442630 6cc65ecdd95cb00546b449972f130bc5
          Size/MD5:   814174 56ecf2b22299800d569cefee525f3fe5
          Size/MD5:  1873456 5be0ec9c3bb984ffc9b47e23a71165d5

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   389476 0228a102eb390717addfb9b45eb1c468
          Size/MD5:   112630 b1db36b5af454d0f644e340856ab0483
          Size/MD5:   730180 618eff0cfb1d3b74d104930a5be07a64
          Size/MD5:  5426864 259647b621e2befb4af2e00b86a3a702
          Size/MD5:  2145344 28d2de6bbdcbbab44cfc00b5b67cfdb7
          Size/MD5:  9723508 f9a3ba8e5fc4bdd11a4559c821edda25
          Size/MD5:  2992688 67247b45f55e83e2a47b93a6891fec60
          Size/MD5:  3507620 96af5217d12feff54929f511b3e44b6b
          Size/MD5:   399500 31bad973cb22b63756c1f9ae88dc6c08
          Size/MD5:   736850 80f6d3b2f3661bce2b467b3f9cbba99d
          Size/MD5:  1691208 58db7402f766c63f4fc66daba7088888

Updated packages for Ubuntu 7.04:

  Source archives:

          Size/MD5:   218525 c011746e1879bfc716c010c27c61f234
          Size/MD5:     1491 c3b47b2a9abeef01502c95b005d019e2
          Size/MD5: 17708128 89273f67a6d8067cbbecefaa13747153

  Architecture independent packages:

          Size/MD5:  6603398 c420eb9e484a06adbe7c0d90f1c6881b
          Size/MD5:  6917768 9196e1d4a66b28aac9d729febe9dd7aa

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   482532 4a599a7f3ceaacca5d352d40fb7569d5
          Size/MD5:   116738 fb29c3a65757ce4a93f99563b9b4cf5b
          Size/MD5:   869060 1126cbd69a524ea2e401773ce6ce7483
          Size/MD5:  6499296 d98b5c77de130ed9f6d5be7464189d0a
          Size/MD5:  2691948 9b9f8276ef983a5439170f8fea747ba1
          Size/MD5: 12265698 9029745d6719e84b75772817999e73c6
          Size/MD5:  3758584 3f7b4e9fa209a67e4c174cb3129af2b4
          Size/MD5:  4516566 7183e0b88fa476b92ef357bdb973d5d3
          Size/MD5:   480050 f997320f1632df23733ea9ab52e97304
          Size/MD5:   904870 ebfc35cc77895b71fabc8e1c0e86aaf9
          Size/MD5:  2165388 e320925355392b5c4c090cabf9eb26c9

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   436108 f59fe0e740d41d3c137b66b4427cebbb
          Size/MD5:   116744 eb73aee71858dc330e2036ae1790a918
          Size/MD5:   794592 69d2540fccf37929719f790c384e6775
          Size/MD5:  5909686 b37dfb3cce895b2dc5a53d193f5f7aa2
          Size/MD5:  2438608 21669c79186fd71465472e015e593a47
          Size/MD5: 11861106 c666608eaa4033c4434db19df7e581ed
          Size/MD5:  3342624 c7c2f85d373abe019341276aed71ed99
          Size/MD5:  4017186 949fa9ffedc65b88e3a7bdb3561eb1a0
          Size/MD5:   427836 8a2be5e45ee0d1e788e49b33600382cb
          Size/MD5:   820532 5117b2c2d3a36e9fd0e4b4db58c6b9aa
          Size/MD5:  1926068 cddb40575915534cfad73d9bbf5ac9d4

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   478398 b5da8283e7bcd7756bc432a49fccd3df
          Size/MD5:   116738 fbd1c64e8a0fe388afeea00cb3548707
          Size/MD5:   859722 4e560cc7685001955ff5e2637a8a5948
          Size/MD5:  6537120 71010397d35668f35720448ef444440c
          Size/MD5:  2653854 3af210311515ca002d20a9f574a1877f
          Size/MD5: 12574162 0ef9716c7fa0d29769b94d90f8aa63d8
          Size/MD5:  3727558 def536e9c9048cc3baeea25994967105
          Size/MD5:  4455088 40ae9c689803a6815e46e685037925ca
          Size/MD5:   487720 7d85486d53b6648ad9f785d60465f4e8
          Size/MD5:   894090 b6f6f8cd379516bb3bd4d3f405c7af36
          Size/MD5:  2145272 6b5f80acc055e7c0b720f19bf70d944d

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   442672 f30fad7f0d26c65c1190f238972d6963
          Size/MD5:   116740 d9a0da634fb3231cd55c7451df85b73e
          Size/MD5:   796942 59992157d71435e66b7dc8694e782d1f
          Size/MD5:  5933384 529716783a15efe712da118861c14bcf
          Size/MD5:  2408870 ff2bb1c98f263fe58afef9b9912404ec
          Size/MD5: 10880364 d541529278a1a90d2a42594a791059be
          Size/MD5:  3346564 1305e270529586d0b1384ffd47f1c2c3
          Size/MD5:  3964076 5ea575848c6f263841f0fb3a86a8fd51
          Size/MD5:   436616 2d41efc4dbf4e731ab48e3eecf4f8963
          Size/MD5:   805882 1b4247358022c505512a9021f6dc0862
          Size/MD5:  1923466 a59f37251f92963eb64afe0e65ec4706

Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:   205645 09fb5f772d2c3929b5a4e0dc2438c8a7
          Size/MD5:     1430 c31313f44061b2a2cb0c0103623bba07
          Size/MD5: 18180031 16b47e6add332e5ac4523fc88c381d06

  Architecture independent packages:

          Size/MD5:  6615780 9e18e258ba5cf663ee4bd61896d84fbe
          Size/MD5:  6980500 96c312c49940a15e98c944f4f841d4b9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   513676 4bfaa0c09beba5e9e404c32b05c2bf00
          Size/MD5:  1286728 6d0d54809437e275b3f3eecb00001b1b
          Size/MD5:   961086 4ad8f11bf1bd0130de1710cb8617560e
          Size/MD5:  3039706 d4c5ab7369e17bd9c62481c83e00e725
          Size/MD5: 20867648 32889a9ae05332c7e3d3024b594e6575
          Size/MD5:  4180670 36b57f2cc1026e3d5d3b66d50e370840
          Size/MD5:  5290016 9eb114b72bdc513d8116b7c1fb73b731
          Size/MD5:   527758 2d5f735da32bdea7e04e9556c6b16221
          Size/MD5:  1041804 7cf1f5839068f6fba422842ec29e3cd5
          Size/MD5:  2461390 203bb00391c715937856965c289c8c28

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   465938 39ca5445dd85f82c0f6d56460e90e058
          Size/MD5:  1201742 7b2be1e6884425b1dfe3d41511e96276
          Size/MD5:   885524 97bfc696a571bf4c1695bb9ea1cc1dc3
          Size/MD5:  2836100 b9190c90a212432a862a784594af510b
          Size/MD5: 20137494 68402890f3a4a6185ec5c262f77c7557
          Size/MD5:  3842432 456806b7b6050d183f3cbb07d90cce70
          Size/MD5:  4887544 66bb9e29c62ef4607afb497976e1126a
          Size/MD5:   485840 5d55ddbf7c82011d130238f6c11a2a6b
          Size/MD5:   974214 a84ca759a1f9d160a4224108430d24b6
          Size/MD5:  2243292 7a9fe51417c22d4ed3680d431ddf7776

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   455366 443fb2fd194733ea4ae7623069502118
          Size/MD5:  1160326 7e1af832d83977b275fc4836d900314a
          Size/MD5:   856584 5de552912d40d5cb20a567ec30652319
          Size/MD5:  2755774 f6838938588988dc94093474f017d127
          Size/MD5: 20643974 6d5b90592ac8a2e8766cce22e9d00fcf
          Size/MD5:  3737220 1757ab79409592e82c5820ff94178907
          Size/MD5:  4719564 122a6f545c8b24efca5ede060d638e30
          Size/MD5:   475378 4ee821f1ab93b3204f0b28114cda1e6d
          Size/MD5:   943250 e380a1def3dc5e8fae62ee886f99f1a7
          Size/MD5:  2180014 93546f26f36f6e862d05e10a008900cb

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   509098 8ac0fc678825ec72a39fc0d374c92b6c
          Size/MD5:  1208080 d3df02019c277ca25016f18fedb2ffd7
          Size/MD5:   961500 cc05db3e57ce44b73036dc6569b605ac
          Size/MD5:  2985798 5b90fbecb7f5fba5081822a36cd23dbb
          Size/MD5: 21449466 7e8a268e70f6c0ec27bb1c147281f99b
          Size/MD5:  4123150 17aa692f89ee9d7785f00a79d66d31af
          Size/MD5:  5200756 46f7a494b3d680ef9d8d3040e5868ce4
          Size/MD5:   533682 d9bc711a7b0f0aad4038b72480640d73
          Size/MD5:  1019192 f9f38c2156d0f05035b4502d0b9a90c0
          Size/MD5:  2416466 2cb8e8bd0aef9a0ee293cb125fc82d5b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   472338 e88f46e220b350e973c70696193fbe52
          Size/MD5:  1280312 a3431074397172551c3b28100c6c5f57
          Size/MD5:   889278 76229732d47d810527fba825e39c803e
          Size/MD5:  2802350 b94ef3c083b1ab22614371bdbe4eff7a
          Size/MD5: 18681078 257432cb710f73e9f6228fd96d4dd869
          Size/MD5:  3852738 60cb8489c650e93e7d89b2ad69ccdfd9
          Size/MD5:  4822736 a902e8a6447bdf97fc82b1f1cbc8c1d3
          Size/MD5:   493760 05c487cc4f24121bb488af76078d2171
          Size/MD5:   957988 ea569f8f7670c9cabd0419fe1ba51b1b
          Size/MD5:  2241552 54154a29ed7c6d1ff675e077c588b60e

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

          Size/MD5:   219478 f0bb6a0e88abd123b99718f3d1395751
          Size/MD5:     1438 6ee26263f68f9b5359e932f8656feca6
          Size/MD5: 18172643 59754cb0c19da6e65c42d0a163c5885a

  Architecture independent packages:

          Size/MD5:  6621418 09150a88dbb6f51892128d97abb3e41c
          Size/MD5:  7008294 07d1c49cad4abd330035b10ebf82bbd7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   519600 f972355bdc820c7eb1a51d3b01dae899
          Size/MD5:  1291588 6c39c8d9a576cf655d534131cb37f6d0
          Size/MD5:   966924 d1caac4e45aee4f4bdcfa3e198692aa8
          Size/MD5:  3057644 531208f5b8bdbd80c0ce8b6671a4b92f
          Size/MD5: 20882062 f93eb15cc7b51eb7a2681c050099b2ed
          Size/MD5:  4193418 f115116a2e88fa138c8303059ae29286
          Size/MD5:  5303172 f0132a861c173e9f230e71be13733f39
          Size/MD5:    94648 0da0f74c83e7b065acdee0572bd36e83
          Size/MD5:  1047838 bfdae8d3e329157e566dfaa866562ef5
          Size/MD5:  2471654 c1495a9f0679dd9be7f9e5ce594e8888

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   471292 3e845f0f44293f335000b249dc73b143
          Size/MD5:  1201030 c43c39b9b20fd034dbaa2d9915d99d52
          Size/MD5:   886394 62aafcf6f3dcd609b884a90352a496d1
          Size/MD5:  2839270 1a00ccd9a4ae56c71b2c1678245f6a29
          Size/MD5: 20203364 623abd50d07a0a4aa4fe95e3755abd05
          Size/MD5:  3839198 6a7d00a2bf834d4e94564455f3f54a34
          Size/MD5:  4862966 0d282e7d87c87bf4e046d0cdee0e80f9
          Size/MD5:    93964 ab493bb7f06b7a1cbc8ac7ad737e7463
          Size/MD5:   973596 43db789f81ee1f1a02571e0ce49e0bd7
          Size/MD5:  2247536 ca1ee09fb5d2d2816999526a367d2290

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   462224 c7f1017bc3a6b23180dfe4af6a84d710
          Size/MD5:  1167244 6b023de1038a2851fc0f43db8bc3ccda
          Size/MD5:   863544 2acedf479d474fa81c2f5ecc7ce44526
          Size/MD5:  2778114 7d8ef8d67e3f87ed939f502e42698439
          Size/MD5: 20579370 b25c56ee77f75944739d75f540ece22c
          Size/MD5:  3755524 fb8e37eb5a3e7ad53b72c293d36d469a
          Size/MD5:  4733396 f71f7ad9055dbabca91f98d9c8414a25
          Size/MD5:    94060 3188c0146f2bdfca996810612d9c64fa
          Size/MD5:   950166 f2905aaab2fad7afd9f8d52da88f6e5a
          Size/MD5:  2194372 d6b9b11053e642e2e5eccaa1d090b7d8

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   514828 fe1399a8bbff1c02ed1e84822889e6be
          Size/MD5:  1198978 1ea0c52a7789c68f5dde9e7792ba858f
          Size/MD5:   955578 b05103891744c0c6fbbec2d5826d9f9a
          Size/MD5:  2989904 6a969461fefd3dd3d3d35fbd0e061d8a
          Size/MD5: 21171970 93f821b79c8cf61ca282e388e3ac018f
          Size/MD5:  4124540 86ee3d51b8dc103b421841dadb39a440
          Size/MD5:  5161494 a383c0b6f8f701d41d19c0c8cc64e85b
          Size/MD5:    98164 04eca09552d18f84e3eb9151c0112e24
          Size/MD5:  1017072 d3d6b7f2603d1aa4e040714f1301428e
          Size/MD5:  2419076 dbbe3d893779905eb83bc65c53fffd39

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   473688 becdcdc57ca8feb1bb359d99edfac1ef
          Size/MD5:  1263266 e46c5037ca8b18c1c29434965b443762
          Size/MD5:   881338 5cc281d03bf6f9f2b871bd5ea3b5b2a3
          Size/MD5:  2779300 ad15c6892bdf80ee47754579906df552
          Size/MD5: 18513064 86d141ad45c1dcb29777dc4772d4ea84
          Size/MD5:  3801600 b6a9503b4a941043e2c78715772e8eea
          Size/MD5:  4742064 7abcb8604fefe753a4da0ee43d034909
          Size/MD5:    94784 3dcaf421738f1911d4e6aebcd3b7997c
          Size/MD5:   947224 09a07583e20ee63f8ba64be348362222
          Size/MD5:  2216906 974b2bc0f874de7bcf6587b2b6223807

Ubuntu 6.06 LTS: USN-617-2 Moderate: Samba Regression Denial of Service

ubuntu
Calendar Grey June 30, 2008
Dist Ubuntu Esm H88
Samba vulnerabilities in Ubuntu may result in service interruptions. Implement patches promptly to reduce potential exposure to remote attacks.
Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup...

Summary

Topics%20covered

Topics Covered

security advisory moderate denial of service ubuntu samba regression

Update Instructions

References

Ubuntu Security Notice USN-617-2 June 30, 2008

Topics%20covered

Topics Covered

security advisory moderate denial of service ubuntu samba regression

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here