Home / mailings [RHSA-2007:1013-01] Critical: samba security update
Posted on 15 November 2007
RedHat-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Critical: samba security update
Advisory ID: RHSA-2007:1013-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-1013.html
Issue date: 2007-11-15
Updated on: 2007-11-15
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-4572 CVE-2007-5398
- ---------------------------------------------------------------------
1. Summary:
Updated samba packages that fix several security issues are now available
for Red Hat Enterprise Linux 2.1 and 3.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
Samba is a suite of programs used by machines to share files, printers, and
other information.
A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)
A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and under most circumstances will
not result in a crash of the Samba server. (CVE-2007-4572)
Red Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba
developers for responsibly disclosing these issues.
Users of Samba are advised to ugprade to these updated packages, which
contain backported patches to resolve these issues.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
294631 - CVE-2007-4572 samba buffer overflow
358831 - CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm
c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm
i386:
3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm
7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm
b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm
1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm
ia64:
a63a1829e8d3585e0f9598cbb585ff95 samba-2.2.12-1.21as.8.1.ia64.rpm
139643a501d501a38a9841537bbff295 samba-client-2.2.12-1.21as.8.1.ia64.rpm
ed8b98dbb27211c6f40e0d91726082fa samba-common-2.2.12-1.21as.8.1.ia64.rpm
4f070a66e6afd76da95e0c7c7a9b1251 samba-swat-2.2.12-1.21as.8.1.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm
c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm
ia64:
a63a1829e8d3585e0f9598cbb585ff95 samba-2.2.12-1.21as.8.1.ia64.rpm
139643a501d501a38a9841537bbff295 samba-client-2.2.12-1.21as.8.1.ia64.rpm
ed8b98dbb27211c6f40e0d91726082fa samba-common-2.2.12-1.21as.8.1.ia64.rpm
4f070a66e6afd76da95e0c7c7a9b1251 samba-swat-2.2.12-1.21as.8.1.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm
c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm
i386:
3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm
7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm
b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm
1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm
c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm
i386:
3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm
7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm
b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm
1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm
109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm
i386:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm
ia64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm
7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm
90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm
ppc:
2d19e0c0dd38a67a58f7554ed1813960 samba-3.0.9-1.3E.14.1.ppc.rpm
7220d706da598f65fb2034c59436ca39 samba-3.0.9-1.3E.14.1.ppc64.rpm
e0b4f4c3d2b1a0110e4cd854ee4b5d63 samba-client-3.0.9-1.3E.14.1.ppc.rpm
bb761b0be35251a3271fe517485b73fc samba-common-3.0.9-1.3E.14.1.ppc.rpm
fa3ebbb6aff8c03433d314fdf7907eda samba-common-3.0.9-1.3E.14.1.ppc64.rpm
040a878f51d0628cc81fc509f8241b61 samba-debuginfo-3.0.9-1.3E.14.1.ppc.rpm
94e7a01b31e73b9779df25a97b8b8588 samba-debuginfo-3.0.9-1.3E.14.1.ppc64.rpm
ea9388a3ef700197148af7217cab23e7 samba-swat-3.0.9-1.3E.14.1.ppc.rpm
s390:
442c0489b0b6e47c30d29920d86ad1c6 samba-3.0.9-1.3E.14.1.s390.rpm
8fd814d9aaf60d506c00458f046e135f samba-client-3.0.9-1.3E.14.1.s390.rpm
ad59ab1c42546e3713d8e2fa06ca5dcf samba-common-3.0.9-1.3E.14.1.s390.rpm
ddd8aac31875f86285765f449464b9b6 samba-debuginfo-3.0.9-1.3E.14.1.s390.rpm
ff6c34142632863ceeba2b51ee6ab63d samba-swat-3.0.9-1.3E.14.1.s390.rpm
s390x:
442c0489b0b6e47c30d29920d86ad1c6 samba-3.0.9-1.3E.14.1.s390.rpm
4631bddcfdea1831b9e710788663b2f3 samba-3.0.9-1.3E.14.1.s390x.rpm
4ed24e0dc5a06239b696b7ca3f0299af samba-client-3.0.9-1.3E.14.1.s390x.rpm
ad59ab1c42546e3713d8e2fa06ca5dcf samba-common-3.0.9-1.3E.14.1.s390.rpm
4e802689c31db058065f7899f2fcc0c9 samba-common-3.0.9-1.3E.14.1.s390x.rpm
ddd8aac31875f86285765f449464b9b6 samba-debuginfo-3.0.9-1.3E.14.1.s390.rpm
efbf689c8e0baae4a2c4bc6f9be95e69 samba-debuginfo-3.0.9-1.3E.14.1.s390x.rpm
1314e87a446697fe5b76a621b5cfff58 samba-swat-3.0.9-1.3E.14.1.s390x.rpm
x86_64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm
63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm
984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm
109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm
i386:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm
x86_64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm
63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm
984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm
109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm
i386:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm
ia64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm
7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm
90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm
x86_64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm
63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm
984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm
109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm
i386:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm
ia64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm
7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm
90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm
x86_64:
4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm
27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm
63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm
e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm
689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm
f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm
f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm
984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
http://www.redhat.com/security/updates/classification/#critical
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.