AL-2003.06 -- Security bugfix for Samba

Date: 08 April 2003
References: ESB-2003.0258  ESB-2003.0260  ESB-2003.0262  ESB-2003.0266  ESB-2003.0272  ESB-2003.0274  ESB-2003.0299  ESB-2003.0340  ESB-2003.0524  

-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
A  U  S  C  E  R  T                                           A  L  E  R  T

                        AL-2003.06 -- AUSCERT ALERT
                         Security bugfix for Samba
                              The Samba Team
                               08 April 2003
===========================================================================

        AusCERT Alert Summary
        ---------------------

Product:                samba 2.2.8 and prior
Vendor:                 The Samba Team
Operating System:       Linux
                        BSD
                        UNIX
Impact:                 Root Compromise
Access Required:        Remote
CVE Names:              CAN-2003-0201

Due to the severity of this vulnerability and the release of fully
functional exploit code to the public, AusCERT is releasing this
information as an AusCERT Alert. AusCERT recommends that sites test and
implement the appropriate patches, as detailed below.

In addition to applying patches for this and similar vulnerabilities,
AusCERT recommends applying the good security practice of minimal access.
Mitigation strategies include disabling unnecessary services and
restricting access to the Samba service from untrusted networks.

AusCERT will continue to monitor this vulnerability and any exploit
activity. AusCERT members will be updated as information becomes
available.
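The minimal-access practice recommended above, as an added example that is not part of the AusCERT alert and is not Samba's own tooling: a POSIX shell audit that reads an smb.conf, reports whether its [global] section restricts which source addresses and interfaces smbd will serve, and shows a weak and a hardened configuration side by side. The two sample configurations, the address ranges and interface names in them, and the function names are constructed for this example; the parameter names (hosts allow, hosts deny, interfaces, bind interfaces only) are Samba's.

```shell
#!/bin/sh
# Added example, not part of the AusCERT alert or of Samba: audit an
# smb.conf for the "minimal access" settings the alert recommends.
# Samba ignores case and whitespace in parameter names, so the lookup
# normalises both before comparing.  The configs in the demo section are
# constructed for this example.

# smbconf_global_value FILE KEY
#   Print the value of KEY from the [global] section of FILE, or nothing
#   if it is not set.  Comment lines (';' or '#') are skipped.
smbconf_global_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); gsub(/[ \t]/, "", want) }
        /^[ \t]*[;#]/ { next }
        /^[ \t]*\[/ {
            sec = tolower($0)
            sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            next
        }
        sec == "global" && index($0, "=") > 0 {
            eq  = index($0, "=")
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = substr($0, eq + 1);             gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) { print val; exit }
        }' "$1"
}

# smbconf_check FILE
#   Return 0 when FILE restricts who can reach smbd: "hosts allow" (or its
#   synonym "allow hosts") is set in [global] and, if "interfaces" is
#   given, "bind interfaces only" is enabled.  Otherwise print each
#   problem and return 1.
smbconf_check() {
    conf=$1
    problems=0
    allow=$(smbconf_global_value "$conf" "hosts allow")
    [ -n "$allow" ] || allow=$(smbconf_global_value "$conf" "allow hosts")
    if [ -z "$allow" ]; then
        echo "$conf: no 'hosts allow' in [global]; smbd accepts sessions from any address"
        problems=$((problems + 1))
    fi
    ifaces=$(smbconf_global_value "$conf" "interfaces")
    bind=$(smbconf_global_value "$conf" "bind interfaces only" | tr 'A-Z' 'a-z')
    if [ -n "$ifaces" ]; then
        case $bind in
            yes|true|1) ;;
            *) echo "$conf: 'interfaces' is set but 'bind interfaces only' is not yes; smbd still listens on every interface"
               problems=$((problems + 1)) ;;
        esac
    fi
    [ "$problems" -eq 0 ]
}

# --- demo on two constructed configurations -------------------------------
tmp=$(mktemp -d)
cat > "$tmp/weak.conf" <<'EOF'
[global]
   workgroup = EXAMPLE
   ; nothing limits source addresses: anyone who can reach the SMB port
   ; gets as far as the vulnerable code
[public]
   path = /srv/public
   guest ok = yes
EOF
cat > "$tmp/hardened.conf" <<'EOF'
[global]
   workgroup = EXAMPLE
   # only the internal LAN and loopback may open a session
   hosts allow = 192.168.10. 127.
   hosts deny  = ALL
   # bind smbd/nmbd to the internal interface only
   interfaces = eth1 127.0.0.1
   bind interfaces only = yes
[public]
   path = /srv/public
   guest ok = yes
EOF
for f in "$tmp/weak.conf" "$tmp/hardened.conf"; do
    if smbconf_check "$f"; then
        echo "$f: OK"
    fi
done
rm -rf "$tmp"
```

Run smbconf_check against the live file (commonly /etc/samba/smb.conf or /usr/local/samba/lib/smb.conf), fix what it reports, and reload. An smb.conf restriction is not a substitute for filtering the NetBIOS/SMB ports (UDP 137/138, TCP 139, and TCP 445 where the server listens there) from untrusted networks at the host or network firewall: hosts allow is evaluated by smbd only after the TCP connection has been accepted.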

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This release provides an important security fix outlined in the
release notes that follow. This is the latest stable release of
Samba and the version that all production Samba servers should be
running for all current bug-fixes.

The source code can be downloaded from :

    http://download.samba.org/samba/ftp/

in the file samba-2.2.8a.tar.gz or samba-2.2.8a.tar.bz2.
Both archives have been signed using the Samba Distribution Key
(available in the samba directory on the web server).

Binary packages will be released shortly for major platforms and
can be found at

    http://download.samba.org/samba/ftp/Binary_Packages/

As always, all bugs are our responsibility.

                           --Sincerely
                           The Samba Team


               ****************************************
               * IMPORTANT: Security bugfix for Samba *
               ****************************************


Summary
- - -------

Digital Defense, Inc. has alerted the Samba Team to a serious
vulnerability in all stable versions of Samba currently shipping.
The Common Vulnerabilities and Exposures (CVE) project has assigned
the ID CAN-2003-0201 to this defect.

This vulnerability, if exploited correctly, leads to an anonymous
user gaining root access on a Samba serving system. All versions
of Samba up to and including Samba 2.2.8 are vulnerable. An active
exploit of the bug has been reported in the wild. Alpha versions of
Samba 3.0 and above are *NOT* vulnerable.


Credit
- - ------

The Samba Team would like to thank Erik Parker and the team at
Digital Defense, Inc. for their efforts spent in the responsible
and timely reporting of this bug.


Patch Availability
- - ------------------

The Samba 2.2.8a release contains only updates to address this
security issue. A roll-up patch for release 2.2.7a and 2.0.10
addressing both CAN-2003-0201 and CAN-2003-0085 can be obtained
from http://www.samba.org/samba/ftp/patches/security/.





- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+kWjmIR7qMdg1EfYRAgJXAKCFXWq0lMKStlsIXBZohdqJQnzmQQCgnmgx
S0bz5z81vQCQMkKFzENtXpU=
=1LJQ
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
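Two checks a site would want around the fix described in the included text, as an added example written for this alert rather than taken from the Samba Team's release notes or the AusCERT text: a POSIX shell function that classifies a Samba version string against the affected range stated above (everything up to and including 2.2.8 affected, 2.2.8a fixed, 3.0 alpha and later unaffected), a wrapper that runs it against the smbd on the local host, and a helper that verifies the Samba Distribution Key signature on a downloaded archive. The function names and the sample version strings are constructed; the assumption that the detached signature covers the uncompressed tar is marked in the code and must be checked against the signature file actually published.

```shell
#!/bin/sh
# Added example, not from the AusCERT alert or the Samba Team: decide from
# a Samba version string whether a host falls in the range this alert calls
# vulnerable, and verify the signature on a downloaded release.
# Rules encoded, taken from the release notes above:
#   - every release up to and including 2.2.8 is affected (2.2.7a and
#     2.0.10 have a roll-up patch, but an unpatched one is still affected);
#   - 2.2.8a is the fix;
#   - 3.0 alpha and later are not affected.
# Assumption: vendor packages that backport the fix keep the old version
# string, so "affected" from a vendor smbd must be confirmed against the
# vendor's bulletin before acting on it.

# samba_affected VERSION
#   VERSION is 'smbd -V' output ("Version 2.2.8a") or a bare version,
#   optionally with a vendor suffix ("2.2.7a-SuSE").  Prints one of
#   affected / fixed / unaffected / unknown; returns 0 only for "affected".
samba_affected() {
    v=$(printf '%s\n' "$1" |
        sed -n 's/^[Vv]ersion[[:space:]]*//; s/^\([0-9][0-9.]*[a-z]*\).*/\1/p')
    if [ -z "$v" ]; then
        echo unknown; return 1
    fi
    suffix=$(printf '%s\n' "$v" | sed 's/^[0-9.]*//')         # "a", "alpha", ""
    set -- $(printf '%s\n' "$v" | sed 's/[^0-9][^0-9]*/ /g')  # numeric fields
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    if [ "$major" -ge 3 ]; then
        echo unaffected; return 1
    fi
    # Collapse major.minor.patch into one integer so the range test is a
    # single comparison; 2.2.8 becomes 2002008.
    key=$((major * 1000000 + minor * 1000 + patch))
    if [ "$key" -lt 2002008 ]; then
        echo affected; return 0
    elif [ "$key" -eq 2002008 ] && [ -z "$suffix" ]; then
        echo affected; return 0          # plain 2.2.8
    else
        echo fixed; return 1             # 2.2.8a or a later 2.2.x
    fi
}

# samba_check_installed
#   Apply samba_affected to the smbd found in PATH; returns 2 if there is
#   no smbd to ask.
samba_check_installed() {
    command -v smbd >/dev/null 2>&1 || { echo "smbd not found in PATH"; return 2; }
    samba_affected "$(smbd -V 2>/dev/null | head -n 1)"
}

# samba_verify_release ARCHIVE SIGNATURE
#   Check the Samba Distribution Key's detached signature on a downloaded
#   archive.  The key must already be in the GnuPG keyring (import the key
#   file published in the samba directory on the download server first).
#   Assumption: the detached signature covers the uncompressed tar, the
#   convention Samba has used for its releases; if the published signature
#   covers the compressed file instead, run 'gpg --verify SIGNATURE ARCHIVE'.
samba_verify_release() {
    case $1 in
        *.tar.gz)  gzip  -dc "$1" | gpg --verify "$2" - ;;
        *.tar.bz2) bzip2 -dc "$1" | gpg --verify "$2" - ;;
        *) echo "unknown archive type: $1" >&2; return 2 ;;
    esac
}

# --- demo on constructed version strings ----------------------------------
for s in "Version 2.2.8" "Version 2.2.8a" "Version 2.2.7a-SuSE" \
         "Version 2.0.10" "Version 3.0alpha22" "garbage"; do
    printf '%-22s -> %s\n' "$s" "$(samba_affected "$s")"
done
```

A result of affected from a distribution-packaged smbd is a prompt to consult that vendor's bulletin (the ESB references at the head of this alert) rather than proof, because distributors commonly ship the fix under the original version string; an unpatched 2.2.7a or 2.0.10 reports affected until the roll-up patch is applied and the server rebuilt.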

This alert is provided as a service to AusCERT's members.  As AusCERT did
not write the document quoted above, AusCERT has had no control over its
content.  The decision to use any or all of this information is the
responsibility of each user or organisation, and should be made in
accordance with site policies and procedures.

NOTE: This is only the original release of the alert.  It may not be
updated when updates to the original are made.  If downloading at a later
date, it is recommended that the alert is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the alert above.  If you have any questions or need further information,
please contact them directly.

Previous advisories, alerts and external security bulletins can be 
retrieved from:

        http://www.auscert.org.au/render.html?cid=1977

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business
                hours which are GMT+10:00 (AEST).  On call after hours
                for member emergencies only.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBPpKqpSh9+71yA2DNAQF/hAP/femokw8rFrXYXH5ahBHXz6adb1NtjVcu
lI36eB+bsX7FB8E/nqLO+LUkO8LRp7UZ5QZ2XjUpHIBDS5TNJvlj8s96a3L9aRdm
/o1PHQvCNM8JCeHbQ3CG0cyIvSTs2FnF4Rxum4qhYO1DnGGn8rUgBPXSqmQNaGcL
PiX1PQcivmE=
=vH7B
-----END PGP SIGNATURE-----