__________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
__________________________________________________________

                             INFORMATION BULLETIN

                            Samba Security Update
                         [Red Hat RHSA:2007:0354-4]

May 14, 2007 18:00 GMT                                            Number R-240
                                                       [REVISED 17 May 2007]
                                                       [REVISED 7 June 2007]
                                                       [REVISED 31 Jul 2007]
______________________________________________________________________________
PROBLEM:       Various bugs were found in NDR parsing, used to decode MS-RPC
               requests in Samba, and unescaped user input parameters were
               being passed as arguments to /bin/sh.

PLATFORM:      Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux (v. 5 server)
               Red Hat Enterprise Linux AS, ES, WS (v. 2.1, v. 3, v. 4)
               Red Hat Enterprise Linux Desktop (v. 5 client)
               Red Hat Linux Advanced Workstation 2.1 for the Itanium
               Processor
               Debian GNU/Linux 4.0 (etch)
               HP-UX B.11.11, B.11.23, B.11.31 running CIFS Server (Samba)
               A.02.01, A.02.01.01, A.02.01.02, A02.02, A.02.02.01,
               A02.02.02, A.02.03, A.02.03.01
               SGI Advanced Linux Environment 3 ProPack 3

DAMAGE:        A remote attacker could have sent carefully crafted requests
               causing a heap overflow, which may lead to the ability to
               execute arbitrary code on the server.

SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________
 VULNERABILITY  The risk is MEDIUM. A remote attacker could have sent carefully
 ASSESSMENT:    crafted requests causing a heap overflow, which may lead to
                the ability to execute arbitrary code on the server.
______________________________________________________________________________
 LINKS:
  CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/r-240.shtml
  ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-0354.html
  ADDITIONAL LINKS:   http://www.debian.org/security/2007/dsa-1291
                      Visit Hewlett-Packard's Subscription Service for:
                      HPSBUX02218 SSRT071424 rev. 1
                      SGI Security Advisory 20070502-01-P Security Update #75
                      http://www.sgi.com/support/security/advisories.html
  CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
                      CVE-2007-2446
                      CVE-2007-2447
______________________________________________________________________________
REVISION HISTORY:
  05/17/2007 - revised R-240 to add a link to Debian Security Advisory
               DSA-1291-1 for Debian GNU/Linux 4.0 (etch).
  06/07/2007 - revised R-240 to add a link to Hewlett-Packard's Subscription
               Service for HPSBUX02218 SSRT071424 rev. 1 for HP-UX B.11.11,
               B.11.23, B.11.31 running CIFS Server (Samba) A.02.01,
               A.02.01.01, A.02.01.02, A02.02, A.02.02.01, A02.02.02,
               A.02.03, A.02.03.01.
  07/31/2007 - revised R-240 to add a link to SGI Security Advisory
               20070502-01-P for SGI Advanced Linux Environment 3 ProPack 3.

[***** Start Red Hat RHSA:2007:0354-4 *****]

Critical: samba security update

Advisory:          RHSA-2007:0354-4
Type:              Security Advisory
Severity:          Critical
Issued on:         2007-05-14
Last updated on:   2007-05-14
Affected Products:
  Red Hat Desktop (v. 3)
  Red Hat Desktop (v. 4)
  Red Hat Enterprise Linux (v. 5 server)
  Red Hat Enterprise Linux AS (v. 2.1)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux AS (v. 4)
  Red Hat Enterprise Linux Desktop (v. 5 client)
  Red Hat Enterprise Linux ES (v. 2.1)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux ES (v. 4)
  Red Hat Enterprise Linux WS (v. 2.1)
  Red Hat Enterprise Linux WS (v. 3)
  Red Hat Enterprise Linux WS (v. 4)
  Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
OVAL:              com.redhat.rhsa-20070354.xml
CVEs (cve.mitre.org):
  CVE-2007-2446
  CVE-2007-2447

Details

Updated samba packages that fix several security flaws are now available.

This update has been rated as having critical security impact by the Red Hat
Security Response Team.

Samba provides file and printer sharing services to SMB/CIFS clients.

Various bugs were found in NDR parsing, used to decode MS-RPC requests in
Samba.
A remote attacker could have sent carefully crafted requests causing a heap
overflow, which may have led to the ability to execute arbitrary code on the
server. (CVE-2007-2446)

Unescaped user input parameters were being passed as arguments to /bin/sh. A
remote, authenticated, user could have triggered this flaw and executed
arbitrary code on the server. Additionally, on Red Hat Enterprise Linux 5
only, this flaw could be triggered by a remote unauthenticated user if Samba
was configured to use the non-default "username map script" option.
(CVE-2007-2447)

Users of Samba should upgrade to these packages, which contain backported
patches to correct these issues. After upgrading, Samba should be restarted
using "service smb restart".

On Red Hat Enterprise Linux 5 the impact of these issues is reduced as Samba
is constrained by the default SELinux "targeted" policy.

Red Hat would like to thank the Samba developers, TippingPoint, and iDefense
for reporting these issues.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 3)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.9-1.3E.13.2.src.rpm             982e42d0f127c1e2a51d359bf2aab510
IA-32:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-client-3.0.9-1.3E.13.2.i386.rpm     30e1deb7d2727a12096470d9b10a7b60
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-swat-3.0.9-1.3E.13.2.i386.rpm       2342172df01567e08801116e47a40af2
x86_64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.x86_64.rpm          4a46067c8dff497d69702c7eda0cbe05
samba-client-3.0.9-1.3E.13.2.x86_64.rpm   65b901c4b299ecfbad96aa0d6b0da3ad
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.x86_64.rpm   b1ad6c4b6b2432f85881dd9ef60da038
samba-swat-3.0.9-1.3E.13.2.x86_64.rpm     749a56352137efe67190f48130c635b4

Red Hat Desktop (v. 4)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.10-1.4E.12.2.src.rpm            b90a07617c1ae7cda06c8fd1c401a86b
IA-32:
samba-3.0.10-1.4E.12.2.i386.rpm           7435378a0da4e6fefc25cd32ca98c420
samba-client-3.0.10-1.4E.12.2.i386.rpm    e02a0419ba712c830966251f1aefab87
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-swat-3.0.10-1.4E.12.2.i386.rpm      68f98ab48675522470b57016d8b1083d
x86_64:
samba-3.0.10-1.4E.12.2.x86_64.rpm         aac9eddb33bf62ea02eca4d62a81ea83
samba-client-3.0.10-1.4E.12.2.x86_64.rpm  22ab3dfa5a8ef4856aa44e303d55432c
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.x86_64.rpm  106c787142b47e414f6407ca157900e7
samba-swat-3.0.10-1.4E.12.2.x86_64.rpm    b41891d4abe6ca0a83397f58aba9227c

Red Hat Enterprise Linux (v. 5 server)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.23c-2.el5.2.0.2.src.rpm         8e1a296d8566dae75e8d40aa0160d5f2
IA-32:
samba-3.0.23c-2.el5.2.0.2.i386.rpm        cef591be0ed9983a5dde43783de017a2
samba-client-3.0.23c-2.el5.2.0.2.i386.rpm 9e5cc687c3fb11f45fbe1dbdb71406e6
samba-common-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5
samba-swat-3.0.23c-2.el5.2.0.2.i386.rpm   31cdf6cd059cd109cfdaa634b3f0bfa8
IA-64:
samba-3.0.23c-2.el5.2.0.2.ia64.rpm        6640df487d950057b887e4e525a5b150
samba-client-3.0.23c-2.el5.2.0.2.ia64.rpm 18095e583ad32c0ec96cff89ddd64a8a
samba-common-3.0.23c-2.el5.2.0.2.ia64.rpm e1743d2bdb09e388afb2e93a37f08958
samba-swat-3.0.23c-2.el5.2.0.2.ia64.rpm   6b5267744596369b64bfcb335d05b6ac
PPC:
samba-3.0.23c-2.el5.2.0.2.ppc.rpm         bcc392ea02e385e96963d64ee6c63fde
samba-client-3.0.23c-2.el5.2.0.2.ppc.rpm  b7e67ddb5b60c0fb76b5a97f7b869162
samba-common-3.0.23c-2.el5.2.0.2.ppc.rpm  b61cfc322dfa21df175fdc370f103663
samba-common-3.0.23c-2.el5.2.0.2.ppc64.rpm 2bb447da9c6114947e229f98ea558900
samba-swat-3.0.23c-2.el5.2.0.2.ppc.rpm    43f487065627e1e120d3f2dc7fdb98fb
s390x:
samba-3.0.23c-2.el5.2.0.2.s390x.rpm       3d48ed61ab7abd6181f9e822b1d58ea4
samba-client-3.0.23c-2.el5.2.0.2.s390x.rpm fab37746befc18a39d84baf089b19301
samba-common-3.0.23c-2.el5.2.0.2.s390.rpm ff2d26620f467b4a9b02d69fae96c0f6
samba-common-3.0.23c-2.el5.2.0.2.s390x.rpm f275e639f20e64b507b45e6efd09ea42
samba-swat-3.0.23c-2.el5.2.0.2.s390x.rpm  44dc729eb4fe39d229caeb2f944f7a62
x86_64:
samba-3.0.23c-2.el5.2.0.2.x86_64.rpm      733a8c0a9faeb09cc4916d8fa0353d4b
samba-client-3.0.23c-2.el5.2.0.2.x86_64.rpm 1830a5c21f9c53c5e8896d4a127ec269
samba-common-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5
samba-common-3.0.23c-2.el5.2.0.2.x86_64.rpm bfb1b87a4a5ab783801e6c683ce9c133
samba-swat-3.0.23c-2.el5.2.0.2.x86_64.rpm 20d6e756463ee11f7cbe3dee32fcb6ae

Red Hat Enterprise Linux AS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
samba-2.2.12-1.21as.6.src.rpm             3dfaf7633c62096cbb6b2ea451e07ae6
IA-32:
samba-2.2.12-1.21as.6.i386.rpm            a415e4bdc305d9c7fcba11177ed861bf
samba-client-2.2.12-1.21as.6.i386.rpm     06339ca7476307923876bbb03636d90e
samba-common-2.2.12-1.21as.6.i386.rpm     add417c22d3c32f7f0bca5b4802b271f
samba-swat-2.2.12-1.21as.6.i386.rpm       11d506ca65afbefc0420f3b9a5783814
IA-64:
samba-2.2.12-1.21as.6.ia64.rpm            31b637a6d25ad619ba102eae0ccf8620
samba-client-2.2.12-1.21as.6.ia64.rpm     a792f93ff1dc9bfc4b25381c82e0a616
samba-common-2.2.12-1.21as.6.ia64.rpm     b0d16af096ad65ab617c45389beeead9
samba-swat-2.2.12-1.21as.6.ia64.rpm       b17ddf7b5166243eb27c5604cff68865

Red Hat Enterprise Linux AS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.9-1.3E.13.2.src.rpm             982e42d0f127c1e2a51d359bf2aab510
IA-32:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-client-3.0.9-1.3E.13.2.i386.rpm     30e1deb7d2727a12096470d9b10a7b60
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-swat-3.0.9-1.3E.13.2.i386.rpm       2342172df01567e08801116e47a40af2
IA-64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.ia64.rpm            22b67ca839e791b2e07468263735f8fd
samba-client-3.0.9-1.3E.13.2.ia64.rpm     cf874463566fd13e9d4aa6729cce2043
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.ia64.rpm     4e9b9fb15d8abba2321de71ee427fd88
samba-swat-3.0.9-1.3E.13.2.ia64.rpm       8c87ed3ff37761ad1f7bdffd66b198e5
PPC:
samba-3.0.9-1.3E.13.2.ppc.rpm             d0661ecfb5092640163dff73891bd0fb
samba-3.0.9-1.3E.13.2.ppc64.rpm           dc4a9e46c05759f0790144e74f9e33cd
samba-client-3.0.9-1.3E.13.2.ppc.rpm      1758164debb7f5619dbd31e27b6b6cb5
samba-common-3.0.9-1.3E.13.2.ppc.rpm      09fa501fb3cbe8cb5901d60d462f3927
samba-common-3.0.9-1.3E.13.2.ppc64.rpm    b139b2bc06b4c92f2d9e26c73b361808
samba-swat-3.0.9-1.3E.13.2.ppc.rpm        09cedbea1906793f1650e70b05419ba5
s390:
samba-3.0.9-1.3E.13.2.s390.rpm            a573e76901daef88fa517644b6eebb92
samba-client-3.0.9-1.3E.13.2.s390.rpm     79fbe78c8d4c284039bf7846a023ff41
samba-common-3.0.9-1.3E.13.2.s390.rpm     bc29c638d1e9c259f081dbcd6a2b7f0d
samba-swat-3.0.9-1.3E.13.2.s390.rpm       745225a518433d724587804f267af965
s390x:
samba-3.0.9-1.3E.13.2.s390.rpm            a573e76901daef88fa517644b6eebb92
samba-3.0.9-1.3E.13.2.s390x.rpm           7857d7198569f87fd0aca61fbf7c6bf4
samba-client-3.0.9-1.3E.13.2.s390x.rpm    7ab798f87136f8c9d2faeedd9ee82c43
samba-common-3.0.9-1.3E.13.2.s390.rpm     bc29c638d1e9c259f081dbcd6a2b7f0d
samba-common-3.0.9-1.3E.13.2.s390x.rpm    a79979f7c402fd74c080282b1f6736e8
samba-swat-3.0.9-1.3E.13.2.s390x.rpm      df29535bfafaa3add4f6250769498d83
x86_64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.x86_64.rpm          4a46067c8dff497d69702c7eda0cbe05
samba-client-3.0.9-1.3E.13.2.x86_64.rpm   65b901c4b299ecfbad96aa0d6b0da3ad
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.x86_64.rpm   b1ad6c4b6b2432f85881dd9ef60da038
samba-swat-3.0.9-1.3E.13.2.x86_64.rpm     749a56352137efe67190f48130c635b4

Red Hat Enterprise Linux AS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.10-1.4E.12.2.src.rpm            b90a07617c1ae7cda06c8fd1c401a86b
IA-32:
samba-3.0.10-1.4E.12.2.i386.rpm           7435378a0da4e6fefc25cd32ca98c420
samba-client-3.0.10-1.4E.12.2.i386.rpm    e02a0419ba712c830966251f1aefab87
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-swat-3.0.10-1.4E.12.2.i386.rpm      68f98ab48675522470b57016d8b1083d
IA-64:
samba-3.0.10-1.4E.12.2.ia64.rpm           17b7cca2b119f3ebb8021e9a6ecd1c38
samba-client-3.0.10-1.4E.12.2.ia64.rpm    021be072613b0e6e4b16adf989c96ffe
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.ia64.rpm    e33573d0319519c0e132f8d215eb5586
samba-swat-3.0.10-1.4E.12.2.ia64.rpm      ae50702e239296a7c569307f45bbf62c
PPC:
samba-3.0.10-1.4E.12.2.ppc.rpm            17d3e7bd2f1e31f50bd182da04e6d35d
samba-client-3.0.10-1.4E.12.2.ppc.rpm     c2ca3fa1e06b6b087bc966e2f646478d
samba-common-3.0.10-1.4E.12.2.ppc.rpm     e3c3659c1c0e4b753084d5d407e0432d
samba-common-3.0.10-1.4E.12.2.ppc64.rpm   197cbae8c03bdcb90b088429f6bfd267
samba-swat-3.0.10-1.4E.12.2.ppc.rpm       a4303d4df84d5418e21cb66ddf0defbe
s390:
samba-3.0.10-1.4E.12.2.s390.rpm           e378501ed9bc2cf94c7a407033f8c634
samba-client-3.0.10-1.4E.12.2.s390.rpm    f8acfc278298f8f04773dd2f25736480
samba-common-3.0.10-1.4E.12.2.s390.rpm    43b55dfa0205315a8ebf227c7878279e
samba-swat-3.0.10-1.4E.12.2.s390.rpm      03d7eb03d1dcf3f576135f6875544f04
s390x:
samba-3.0.10-1.4E.12.2.s390x.rpm          fd9d9175143671e65d76a155b2994948
samba-client-3.0.10-1.4E.12.2.s390x.rpm   fcf6be6e4caa35ace28417efa475a200
samba-common-3.0.10-1.4E.12.2.s390.rpm    43b55dfa0205315a8ebf227c7878279e
samba-common-3.0.10-1.4E.12.2.s390x.rpm   6676694e961d18f45bde34fb6ccadb0d
samba-swat-3.0.10-1.4E.12.2.s390x.rpm     b8b4f91c8675f1dea90d8aadf59b977f
x86_64:
samba-3.0.10-1.4E.12.2.x86_64.rpm         aac9eddb33bf62ea02eca4d62a81ea83
samba-client-3.0.10-1.4E.12.2.x86_64.rpm  22ab3dfa5a8ef4856aa44e303d55432c
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.x86_64.rpm  106c787142b47e414f6407ca157900e7
samba-swat-3.0.10-1.4E.12.2.x86_64.rpm    b41891d4abe6ca0a83397f58aba9227c

Red Hat Enterprise Linux Desktop (v. 5 client)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.23c-2.el5.2.0.2.src.rpm         8e1a296d8566dae75e8d40aa0160d5f2
IA-32:
samba-3.0.23c-2.el5.2.0.2.i386.rpm        cef591be0ed9983a5dde43783de017a2
samba-client-3.0.23c-2.el5.2.0.2.i386.rpm 9e5cc687c3fb11f45fbe1dbdb71406e6
samba-common-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5
samba-swat-3.0.23c-2.el5.2.0.2.i386.rpm   31cdf6cd059cd109cfdaa634b3f0bfa8
x86_64:
samba-3.0.23c-2.el5.2.0.2.x86_64.rpm      733a8c0a9faeb09cc4916d8fa0353d4b
samba-client-3.0.23c-2.el5.2.0.2.x86_64.rpm 1830a5c21f9c53c5e8896d4a127ec269
samba-common-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5
samba-common-3.0.23c-2.el5.2.0.2.x86_64.rpm bfb1b87a4a5ab783801e6c683ce9c133
samba-swat-3.0.23c-2.el5.2.0.2.x86_64.rpm 20d6e756463ee11f7cbe3dee32fcb6ae

Red Hat Enterprise Linux ES (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
samba-2.2.12-1.21as.6.src.rpm             3dfaf7633c62096cbb6b2ea451e07ae6
IA-32:
samba-2.2.12-1.21as.6.i386.rpm            a415e4bdc305d9c7fcba11177ed861bf
samba-client-2.2.12-1.21as.6.i386.rpm     06339ca7476307923876bbb03636d90e
samba-common-2.2.12-1.21as.6.i386.rpm     add417c22d3c32f7f0bca5b4802b271f
samba-swat-2.2.12-1.21as.6.i386.rpm       11d506ca65afbefc0420f3b9a5783814

Red Hat Enterprise Linux ES (v. 3)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.9-1.3E.13.2.src.rpm             982e42d0f127c1e2a51d359bf2aab510
IA-32:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-client-3.0.9-1.3E.13.2.i386.rpm     30e1deb7d2727a12096470d9b10a7b60
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-swat-3.0.9-1.3E.13.2.i386.rpm       2342172df01567e08801116e47a40af2
IA-64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.ia64.rpm            22b67ca839e791b2e07468263735f8fd
samba-client-3.0.9-1.3E.13.2.ia64.rpm     cf874463566fd13e9d4aa6729cce2043
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.ia64.rpm     4e9b9fb15d8abba2321de71ee427fd88
samba-swat-3.0.9-1.3E.13.2.ia64.rpm       8c87ed3ff37761ad1f7bdffd66b198e5
x86_64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.x86_64.rpm          4a46067c8dff497d69702c7eda0cbe05
samba-client-3.0.9-1.3E.13.2.x86_64.rpm   65b901c4b299ecfbad96aa0d6b0da3ad
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.x86_64.rpm   b1ad6c4b6b2432f85881dd9ef60da038
samba-swat-3.0.9-1.3E.13.2.x86_64.rpm     749a56352137efe67190f48130c635b4

Red Hat Enterprise Linux ES (v. 4)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.10-1.4E.12.2.src.rpm            b90a07617c1ae7cda06c8fd1c401a86b
IA-32:
samba-3.0.10-1.4E.12.2.i386.rpm           7435378a0da4e6fefc25cd32ca98c420
samba-client-3.0.10-1.4E.12.2.i386.rpm    e02a0419ba712c830966251f1aefab87
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-swat-3.0.10-1.4E.12.2.i386.rpm      68f98ab48675522470b57016d8b1083d
IA-64:
samba-3.0.10-1.4E.12.2.ia64.rpm           17b7cca2b119f3ebb8021e9a6ecd1c38
samba-client-3.0.10-1.4E.12.2.ia64.rpm    021be072613b0e6e4b16adf989c96ffe
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.ia64.rpm    e33573d0319519c0e132f8d215eb5586
samba-swat-3.0.10-1.4E.12.2.ia64.rpm      ae50702e239296a7c569307f45bbf62c
x86_64:
samba-3.0.10-1.4E.12.2.x86_64.rpm         aac9eddb33bf62ea02eca4d62a81ea83
samba-client-3.0.10-1.4E.12.2.x86_64.rpm  22ab3dfa5a8ef4856aa44e303d55432c
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.x86_64.rpm  106c787142b47e414f6407ca157900e7
samba-swat-3.0.10-1.4E.12.2.x86_64.rpm    b41891d4abe6ca0a83397f58aba9227c

Red Hat Enterprise Linux WS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
samba-2.2.12-1.21as.6.src.rpm             3dfaf7633c62096cbb6b2ea451e07ae6
IA-32:
samba-2.2.12-1.21as.6.i386.rpm            a415e4bdc305d9c7fcba11177ed861bf
samba-client-2.2.12-1.21as.6.i386.rpm     06339ca7476307923876bbb03636d90e
samba-common-2.2.12-1.21as.6.i386.rpm     add417c22d3c32f7f0bca5b4802b271f
samba-swat-2.2.12-1.21as.6.i386.rpm       11d506ca65afbefc0420f3b9a5783814

Red Hat Enterprise Linux WS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.9-1.3E.13.2.src.rpm             982e42d0f127c1e2a51d359bf2aab510
IA-32:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-client-3.0.9-1.3E.13.2.i386.rpm     30e1deb7d2727a12096470d9b10a7b60
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-swat-3.0.9-1.3E.13.2.i386.rpm       2342172df01567e08801116e47a40af2
IA-64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.ia64.rpm            22b67ca839e791b2e07468263735f8fd
samba-client-3.0.9-1.3E.13.2.ia64.rpm     cf874463566fd13e9d4aa6729cce2043
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.ia64.rpm     4e9b9fb15d8abba2321de71ee427fd88
samba-swat-3.0.9-1.3E.13.2.ia64.rpm       8c87ed3ff37761ad1f7bdffd66b198e5
x86_64:
samba-3.0.9-1.3E.13.2.i386.rpm            e7d437d661d77847244374ce573d07b3
samba-3.0.9-1.3E.13.2.x86_64.rpm          4a46067c8dff497d69702c7eda0cbe05
samba-client-3.0.9-1.3E.13.2.x86_64.rpm   65b901c4b299ecfbad96aa0d6b0da3ad
samba-common-3.0.9-1.3E.13.2.i386.rpm     7e20b7db536c690a54e401e5005cba5e
samba-common-3.0.9-1.3E.13.2.x86_64.rpm   b1ad6c4b6b2432f85881dd9ef60da038
samba-swat-3.0.9-1.3E.13.2.x86_64.rpm     749a56352137efe67190f48130c635b4

Red Hat Enterprise Linux WS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
samba-3.0.10-1.4E.12.2.src.rpm            b90a07617c1ae7cda06c8fd1c401a86b
IA-32:
samba-3.0.10-1.4E.12.2.i386.rpm           7435378a0da4e6fefc25cd32ca98c420
samba-client-3.0.10-1.4E.12.2.i386.rpm    e02a0419ba712c830966251f1aefab87
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-swat-3.0.10-1.4E.12.2.i386.rpm      68f98ab48675522470b57016d8b1083d
IA-64:
samba-3.0.10-1.4E.12.2.ia64.rpm           17b7cca2b119f3ebb8021e9a6ecd1c38
samba-client-3.0.10-1.4E.12.2.ia64.rpm    021be072613b0e6e4b16adf989c96ffe
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.ia64.rpm    e33573d0319519c0e132f8d215eb5586
samba-swat-3.0.10-1.4E.12.2.ia64.rpm      ae50702e239296a7c569307f45bbf62c
x86_64:
samba-3.0.10-1.4E.12.2.x86_64.rpm         aac9eddb33bf62ea02eca4d62a81ea83
samba-client-3.0.10-1.4E.12.2.x86_64.rpm  22ab3dfa5a8ef4856aa44e303d55432c
samba-common-3.0.10-1.4E.12.2.i386.rpm    0882e627ac4726f3721413f7ac39ad16
samba-common-3.0.10-1.4E.12.2.x86_64.rpm  106c787142b47e414f6407ca157900e7
samba-swat-3.0.10-1.4E.12.2.x86_64.rpm    b41891d4abe6ca0a83397f58aba9227c

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
--------------------------------------------------------------------------------
SRPMS:
samba-2.2.12-1.21as.6.src.rpm             3dfaf7633c62096cbb6b2ea451e07ae6
IA-64:
samba-2.2.12-1.21as.6.ia64.rpm            31b637a6d25ad619ba102eae0ccf8620
samba-client-2.2.12-1.21as.6.ia64.rpm     a792f93ff1dc9bfc4b25381c82e0a616
samba-common-2.2.12-1.21as.6.ia64.rpm     b0d16af096ad65ab617c45389beeead9
samba-swat-2.2.12-1.21as.6.ia64.rpm       b17ddf7b5166243eb27c5604cff68865

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

239429 - CVE-2007-2446 samba heap overflows
239774 - CVE-2007-2447 samba code injection

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
http://www.samba.org/samba/security/CVE-2007-2447.html
http://www.samba.org/samba/security/CVE-2007-2446.html
http://www.redhat.com/security/updates/classification/#critical

--------------------------------------------------------------------------------
These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA:2007:0354-4 *****]

_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC. The Forum of Incident Response and Security
Teams (FIRST) is a world-wide organization. A list of FIRST member
organizations and their constituencies can be obtained via WWW at
http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

R-230: Vulnerabilities in Microsoft Excel (934233)
R-231: Vulnerabilities in Microsoft Word
R-232: Vulnerability in Microsoft Office
R-233: Cumulative Security Update for Internet Explorer
R-234: Vulnerability in CAPICOM
R-235: PHP Security Update
R-236: ldap-account-manager-- multiple vulnerabilities
R-237: Trend Micro ServerProtect EarthAgent Vulnerability
R-238: VIM Security Update
R-239: Multiple Vulnerabilities in the IOS FTP Server
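The second flaw class named in this bulletin (unescaped user input passed as arguments to /bin/sh; CVE-2007-2447 in the Red Hat details, reachable through the "username map script" option) is the general command-injection pattern. The following Python is an added example, not Samba's code or Red Hat's patch: it shows the vulnerable construction as a string beside the hardened form, which validates the user name against an allowlist and hands it to the helper program as a separate argv element with no shell in between. The allowlist pattern, the `run_map_script` name and the Python one-liner standing in for a real map script are assumptions made for this example.

```python
"""Hardened invocation of a per-user helper script (added example, not Samba code).

The bulletin describes unescaped user input being passed as arguments to
/bin/sh. Never splice untrusted text into a shell command line: validate it
against an allowlist and pass it as its own argv element, with no shell.
"""
from __future__ import annotations

import re
import subprocess
import sys

# Allowlist for user names, an assumption for this example (not Samba's rule):
# letters, digits, dot, underscore, hyphen and '@' for user@REALM style names.
USERNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._@-]{0,63}$")

# Characters a POSIX shell treats specially. If any of them appears in text
# that is spliced into a command string, the shell may parse the string as
# more than one word or more than one command.
SHELL_METACHARS = set(";&|<>()$`\\\"' \t\n*?[]#~")


def is_safe_username(name: str) -> bool:
    """True if name matches the allowlist, so it can never carry shell syntax."""
    return bool(USERNAME_RE.match(name))


def vulnerable_command_line(script: str, name: str) -> str:
    """The pattern the bulletin warns about: untrusted text concatenated into a
    single string that is then handed to /bin/sh -c. Returned, never executed."""
    return f"{script} {name}"


def shell_would_reinterpret(name: str) -> bool:
    """True if splicing name into a shell command string could change how the
    shell parses it, i.e. the vulnerable pattern is unsafe for this input."""
    return any(ch in SHELL_METACHARS for ch in name)


def run_map_script(script_argv: list[str], name: str, validate: bool = True) -> str:
    """Hardened form: validate, then pass name as a separate argv element.

    script_argv is the helper program plus its fixed arguments (supplied by the
    caller). Because no shell is involved, name reaches the helper unchanged as
    one argument even when validation is skipped; validation is kept as a
    second line of defence so that odd names are refused outright.
    """
    if validate and not is_safe_username(name):
        raise ValueError(f"rejected user name: {name!r}")
    result = subprocess.run(
        [*script_argv, name],  # list form: no shell, no word splitting
        capture_output=True, text=True, check=True,
    )
    return result.stdout.rstrip("\n")


# Stand-in helper that prints its first argument, so the example runs without
# Samba or a real map script. Constructed for this example.
ECHO_ARGV = [sys.executable, "-c", "import sys; print(sys.argv[1])"]

if __name__ == "__main__":
    print(run_map_script(ECHO_ARGV, "alice"))
    print(vulnerable_command_line("/usr/local/bin/map.sh", "alice"))
```

The two defences are independent: the argv list removes the shell from the path entirely, and the allowlist refuses names that should never reach a helper in the first place. The `validate=False` path exists only to show that even without the allowlist the list form delivers the name as a single argument; production code should keep both.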
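To turn the package table above into a check a defender can run, the following Python is an added example, not Red Hat or rpm tooling: it parses lines of the form `<name>-<version>-<release>.<arch>.rpm <md5>` as printed in the advisory into a table of fixed builds, compares RPM version and release strings with rpm's segment ordering, and reports whether an installed name-version-release is at or beyond the fixed one. The rows in `ADVISORY_LINES` are copied from the Red Hat Enterprise Linux AS (v. 3) IA-32 section; `rpmvercmp` is a reimplementation of rpm's comparison written for this example (the tilde pre-release rule of newer rpm is omitted), and the fallback NVR in the `__main__` block is a constructed sample.

```python
"""Check an installed Samba package against the fixed builds in an advisory
(added example, not Red Hat or Samba tooling)."""
from __future__ import annotations

import re
import subprocess
from typing import Dict, Optional, Tuple

# Rows copied from the bulletin's package table (RHEL AS v. 3, IA-32).
ADVISORY_LINES = """
samba-3.0.9-1.3E.13.2.i386.rpm e7d437d661d77847244374ce573d07b3
samba-client-3.0.9-1.3E.13.2.i386.rpm 30e1deb7d2727a12096470d9b10a7b60
samba-common-3.0.9-1.3E.13.2.i386.rpm 7e20b7db536c690a54e401e5005cba5e
samba-swat-3.0.9-1.3E.13.2.i386.rpm 2342172df01567e08801116e47a40af2
"""

PKG_LINE = re.compile(r"^(?P<file>\S+\.rpm)\s+(?P<md5>[0-9a-f]{32})$")
_SEG = re.compile(r"[0-9]+|[A-Za-z]+")


def split_nvr(nvr: str) -> Tuple[str, str, str]:
    """'samba-common-3.0.9-1.3E.13.2' -> ('samba-common', '3.0.9', '1.3E.13.2').
    Release and version are the last two '-' fields; the name may itself
    contain hyphens, so split from the right."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def parse_advisory(text: str) -> Dict[str, dict]:
    """Map package name -> {version, release, arch, md5} from advisory rows."""
    fixed: Dict[str, dict] = {}
    for line in text.strip().splitlines():
        m = PKG_LINE.match(line.strip())
        if not m:
            continue  # headings such as 'IA-32:' and blank lines
        stem = m.group("file")[:-len(".rpm")]
        nvr, arch = stem.rsplit(".", 1)
        name, version, release = split_nvr(nvr)
        fixed[name] = {"version": version, "release": release,
                       "arch": arch, "md5": m.group("md5")}
    return fixed


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings the way rpm does: split into
    numeric and alphabetic segments; numerics compare as integers, alphas
    lexically; a numeric segment outranks an alphabetic one; when all shared
    segments are equal the string with more segments is newer. Returns -1/0/1.
    (Reimplementation for this example; rpm's tilde rule is omitted.)"""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            xi, yi = int(x), int(y)
            if xi != yi:
                return -1 if xi < yi else 1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) != len(sb):
        return -1 if len(sa) < len(sb) else 1
    return 0


def is_fixed(installed_nvr: str, fixed: Dict[str, dict]) -> Optional[bool]:
    """True if the installed NVR is at or newer than the fixed build for that
    package, False if older, None if the package is not in the advisory."""
    name, version, release = split_nvr(installed_nvr)
    entry = fixed.get(name)
    if entry is None:
        return None
    c = rpmvercmp(version, entry["version"])
    if c == 0:
        c = rpmvercmp(release, entry["release"])
    return c >= 0


def installed_nvr(name: str = "samba") -> Optional[str]:
    """Query the local rpm database; None if rpm is absent or the package is
    not installed. Not exercised by the offline checks."""
    try:
        out = subprocess.run(
            ["rpm", "-q", "--qf", "%{NAME}-%{VERSION}-%{RELEASE}", name],
            capture_output=True, text=True,
        )
    except FileNotFoundError:
        return None
    return out.stdout.strip() if out.returncode == 0 else None


if __name__ == "__main__":
    table = parse_advisory(ADVISORY_LINES)
    nvr = installed_nvr() or "samba-3.0.9-1.3E.13.1"  # fallback is a constructed sample
    state = {True: "fixed", False: "older than the fixed build", None: "not listed"}
    print(nvr, "->", state[is_fixed(nvr, table)])
```

The MD5 column lets you compare a downloaded file against the advisory, but the advisory itself points to the GPG signature as the authoritative check; the version comparison above only tells you whether what is installed is at least the fixed build, not whether the file you fetched is genuine.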