Security Advisory samba security update

Advisory: RHSA-2004:064-11
Type: Security Advisory
Severity: Low
Issued on: 2004-05-21
Last updated on: 2004-05-21
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2004-0082

Details

Updated Samba packages that fix a security vulnerability are now available.

Samba provides file and printer sharing services to SMB/CIFS clients.

The Samba team discovered an issue that affects version 3.0.0 and 3.0.1 of
Samba. If an account for a user is created, but marked as disabled using
the mksmbpasswd script, it is possible for Samba to overwrite the user's
password with the contents of an uninitialized buffer. This might lead to
a disabled account becoming enabled with a password that could be guessed
by an attacker.

Although this is likely to be a low risk issue for most Samba users, we
have provided updated packages, which contain a backported patch correcting
this issue.

Red Hat would like to thank the Samba team for reporting this issue and
providing us with a patch.

Note: Due to a packaging error in samba-3.0.0-14.3E, the winbind daemon is
not automatically restarted when the Samba package is upgraded. After
up2date has installed the samba-3.0.2-4.3E packages, you must run
"/sbin/service winbind condrestart" as root to restart the winbind daemon.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 3)
SRPMS:
samba-3.0.2-6.3E.src.rpm
File outdated by:  RHSA-2009:1528		     d80573d81d2e839ff95d6b2be63837be
 
IA-32:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-client-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     95796c3368430ba3893551699f9c5834
samba-common-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     2306521c559190833b067585ac315945
samba-swat-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     90b778d53802ab039c1f18fd0aa64083
 
x86_64:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     df382357df3280a33d9586025138d3a0
samba-client-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     44e7c0335c0021d3a23f6102ebd3acb3
samba-common-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     ee2ee02f6421e3d08ef9e75f9c5f7392
samba-swat-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     3cf5454d6c959e3fabcbaf74f69afc0f
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
samba-3.0.2-6.3E.src.rpm
File outdated by:  RHSA-2009:1528		     d80573d81d2e839ff95d6b2be63837be
 
IA-32:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-client-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     95796c3368430ba3893551699f9c5834
samba-common-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     2306521c559190833b067585ac315945
samba-swat-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     90b778d53802ab039c1f18fd0aa64083
 
IA-64:
samba-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     b80cddc956ed6f5ad59043366a41bc4f
samba-client-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a7c2f086eccd48ff31ab2b9c75a767f3
samba-common-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     9610be71c8d32a75d989d2b528b96d18
samba-swat-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a13f133ace1afad2a6921d8b9e1883af
 
PPC:
samba-3.0.2-6.3E.ppc.rpm
File outdated by:  RHSA-2009:1528		     203365f82bb7992916661bdb1aeb857d
samba-3.0.2-6.3E.ppc64.rpm
File outdated by:  RHSA-2009:1528		     24e48c200f963a688b098649a64a32bf
samba-client-3.0.2-6.3E.ppc.rpm
File outdated by:  RHSA-2009:1528		     eb79808dbb47e491ff9d18defccda118
samba-common-3.0.2-6.3E.ppc.rpm
File outdated by:  RHSA-2009:1528		     617b3c631fc76575af934245e6635f3d
samba-swat-3.0.2-6.3E.ppc.rpm
File outdated by:  RHSA-2009:1528		     391ba4ffc0fbc242b14facdec568a558
 
s390:
samba-3.0.2-6.3E.s390.rpm
File outdated by:  RHSA-2009:1528		     43f9d50ff38ad6818276f958face9996
samba-client-3.0.2-6.3E.s390.rpm
File outdated by:  RHSA-2009:1528		     cc15a68397c220b763091f8c2da677d0
samba-common-3.0.2-6.3E.s390.rpm
File outdated by:  RHSA-2009:1528		     794f3e221a7e767248077ea33025a28d
samba-swat-3.0.2-6.3E.s390.rpm
File outdated by:  RHSA-2009:1528		     766d56a66ee1e3ad920bc4af61784265
 
s390x:
samba-3.0.2-6.3E.s390.rpm
File outdated by:  RHSA-2009:1528		     43f9d50ff38ad6818276f958face9996
samba-3.0.2-6.3E.s390x.rpm
File outdated by:  RHSA-2009:1528		     2efbf724256045ca176310523163cdd5
samba-client-3.0.2-6.3E.s390x.rpm
File outdated by:  RHSA-2009:1528		     1a47701428c8eacd7bf45603c8902e0a
samba-common-3.0.2-6.3E.s390x.rpm
File outdated by:  RHSA-2009:1528		     8d22e6863316410073b26a295c19a769
samba-swat-3.0.2-6.3E.s390x.rpm
File outdated by:  RHSA-2009:1528		     6ba3fd33c327bf348910bb8042188a4e
 
x86_64:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     df382357df3280a33d9586025138d3a0
samba-client-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     44e7c0335c0021d3a23f6102ebd3acb3
samba-common-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     ee2ee02f6421e3d08ef9e75f9c5f7392
samba-swat-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     3cf5454d6c959e3fabcbaf74f69afc0f
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
samba-3.0.2-6.3E.src.rpm
File outdated by:  RHSA-2009:1528		     d80573d81d2e839ff95d6b2be63837be
 
IA-32:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-client-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     95796c3368430ba3893551699f9c5834
samba-common-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     2306521c559190833b067585ac315945
samba-swat-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     90b778d53802ab039c1f18fd0aa64083
 
IA-64:
samba-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     b80cddc956ed6f5ad59043366a41bc4f
samba-client-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a7c2f086eccd48ff31ab2b9c75a767f3
samba-common-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     9610be71c8d32a75d989d2b528b96d18
samba-swat-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a13f133ace1afad2a6921d8b9e1883af
 
x86_64:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     df382357df3280a33d9586025138d3a0
samba-client-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     44e7c0335c0021d3a23f6102ebd3acb3
samba-common-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     ee2ee02f6421e3d08ef9e75f9c5f7392
samba-swat-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     3cf5454d6c959e3fabcbaf74f69afc0f
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
samba-3.0.2-6.3E.src.rpm
File outdated by:  RHSA-2009:1528		     d80573d81d2e839ff95d6b2be63837be
 
IA-32:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-client-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     95796c3368430ba3893551699f9c5834
samba-common-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     2306521c559190833b067585ac315945
samba-swat-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     90b778d53802ab039c1f18fd0aa64083
 
IA-64:
samba-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     b80cddc956ed6f5ad59043366a41bc4f
samba-client-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a7c2f086eccd48ff31ab2b9c75a767f3
samba-common-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     9610be71c8d32a75d989d2b528b96d18
samba-swat-3.0.2-6.3E.ia64.rpm
File outdated by:  RHSA-2009:1528		     a13f133ace1afad2a6921d8b9e1883af
 
x86_64:
samba-3.0.2-6.3E.i386.rpm
File outdated by:  RHSA-2009:1528		     4894f9fa9e46dfc0e4d59c27c569a4c2
samba-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     df382357df3280a33d9586025138d3a0
samba-client-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     44e7c0335c0021d3a23f6102ebd3acb3
samba-common-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     ee2ee02f6421e3d08ef9e75f9c5f7392
samba-swat-3.0.2-6.3E.x86_64.rpm
File outdated by:  RHSA-2009:1528		     3cf5454d6c959e3fabcbaf74f69afc0f
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

114995 - CAN-2004-0082 mksmbpasswd vulnerability


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0082

Keywords

smb

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/