Security Advisory Critical: samba security and bug fix update

Advisory: RHSA-2008:0290-7
Type: Security Advisory
Severity: Critical
Issued on: 2008-05-28
Last updated on: 2008-05-28
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.2.z server)
CVEs (cve.mitre.org): CVE-2008-1105

Details

Updated samba packages that fix a security issue and two bugs are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Samba is a suite of programs used by machines to share files, printers, and
other information.

A heap-based buffer overflow flaw was found in the way Samba clients handle
over-sized packets. If a client connected to a malicious Samba server, it
was possible to execute arbitrary code as the Samba client user. It was
also possible for a remote user to send a specially crafted print request
to a Samba server that could result in the server executing the vulnerable
client code, resulting in arbitrary code execution with the permissions of
the Samba server. (CVE-2008-1105)

Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.

This update also addresses two issues which prevented Samba from joining
certain Windows domains with tightened security policies, and prevented
certain signed SMB content from working as expected:

* when some Windows® 2000-based domain controllers were set to use
mandatory signing, Samba clients would drop the connection because of an
error when generating signatures. This presented as a "Server packet had
invalid SMB signature" error to the Samba client. This update corrects the
signature generation error.

* Samba servers using the "net ads join" command to connect to a Windows
Server® 2003-based domain would fail with "failed to get schannel session
key from server" and "NT_STATUS_ACCESS_DENIED" errors. This update
correctly binds to the NETLOGON share, allowing Samba servers to connect to
the domain properly.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
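A practical first step before applying the erratum is to confirm which hosts still carry Samba packages below the fixed version-release named in this advisory (3.0.28-1.el5_2.1). The script below is an added example, not part of the Red Hat advisory or of Samba; it re-implements rpm's version-comparison rules (rpmvercmp, without the later tilde/caret extensions) so that an inventory exported from many hosts can be checked offline. It assumes the packages have epoch 0 (the advisory lists no epoch), and the installed-package lines are constructed sample data in the shape produced by `rpm -qa --qf '%{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}\n'`.

```python
"""Flag installed Samba packages older than the builds shipped in RHSA-2008:0290.

Added example (not Red Hat's or Samba's code). The inventory below is
constructed sample data in the format produced by:
    rpm -qa --qf '%{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}\n'
"""
from typing import List, Tuple

# Binary packages listed in the advisory and their fixed epoch:version-release.
# Epoch 0 is an assumption; the advisory text does not state an epoch.
ADVISORY_PACKAGES = {"samba", "samba-client", "samba-common", "samba-swat"}
FIXED_EVR = (0, "3.0.28", "1.el5_2.1")

# Constructed inventory: mixed patched, unpatched, newer and unrelated packages.
SAMPLE_RPM_QA = """\
samba-common 0 3.0.28 0.el5.8 i386
samba-common 0 3.0.28 0.el5.8 x86_64
samba-client 0 3.0.28 0.el5.8 x86_64
samba 0 3.0.28 1.el5_2.1 x86_64
samba-swat 0 3.0.33 3.29.el5_6.2 x86_64
openssh-server 0 4.3p2 26.el5 x86_64
"""


def _skip_separators(s: str) -> str:
    """Drop leading non-alphanumeric characters ('.', '_', '-', ...)."""
    i = 0
    while i < len(s) and not s[i].isalnum():
        i += 1
    return s[i:]


def _take_segment(s: str, numeric: bool) -> Tuple[str, str]:
    """Split off a leading run of digits (numeric=True) or letters."""
    i = 0
    while i < len(s) and (s[i].isdigit() if numeric else s[i].isalpha()):
        i += 1
    return s[:i], s[i:]


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release strings like rpm's rpmvercmp().

    Returns -1 if a < b, 0 if equal, 1 if a > b. Tilde/caret ordering is not
    implemented because the RHEL 5 packages here do not use it.
    """
    if a == b:
        return 0
    one, two = a, b
    while True:
        one, two = _skip_separators(one), _skip_separators(two)
        if not one or not two:
            break
        numeric = one[0].isdigit()
        seg1, one = _take_segment(one, numeric)
        seg2, two = _take_segment(two, numeric)
        if not seg2:
            # Segment types differ: a numeric segment is always newer than alpha.
            return 1 if numeric else -1
        if numeric:
            # Numeric segments compare by magnitude: strip zeros, longer wins.
            seg1, seg2 = seg1.lstrip("0"), seg2.lstrip("0")
            if len(seg1) != len(seg2):
                return 1 if len(seg1) > len(seg2) else -1
        if seg1 != seg2:
            return 1 if seg1 > seg2 else -1
    if not one and not two:
        return 0
    # Whichever string still has segments left is the newer one.
    return -1 if not one else 1


def compare_evr(a: Tuple[int, str, str], b: Tuple[int, str, str]) -> int:
    """Compare (epoch, version, release) tuples: epoch first, then version, then release."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    rc = rpmvercmp(a[1], b[1])
    return rc if rc else rpmvercmp(a[2], b[2])


def parse_rpm_qa(text: str) -> List[Tuple[str, Tuple[int, str, str], str]]:
    """Parse 'name epoch version release arch' lines into (name, EVR, arch)."""
    installed = []
    for line in text.splitlines():
        if not line.strip():
            continue
        name, epoch, version, release, arch = line.split()
        installed.append((name, (int(epoch), version, release), arch))
    return installed


def find_unpatched(text: str) -> List[str]:
    """Return NEVRA strings of advisory packages installed below the fixed EVR."""
    unpatched = []
    for name, evr, arch in parse_rpm_qa(text):
        if name in ADVISORY_PACKAGES and compare_evr(evr, FIXED_EVR) < 0:
            unpatched.append(f"{name}-{evr[0]}:{evr[1]}-{evr[2]}.{arch}")
    return unpatched


if __name__ == "__main__":
    for nevra in find_unpatched(SAMPLE_RPM_QA):
        print("UNPATCHED:", nevra)
```

The comparison deliberately follows rpm's segment rules rather than a plain string compare: `1.el5_2.1` must sort above `1.el5` and below `1.el5_6.2`, and a release such as `0.el5.8` must be recognised as older than `1.el5_2.1` even though it is the longer string. Packages from other channels, or a later erratum (the `samba-swat` 3.0.33 line), are correctly left alone, and the `samba-common` i386 multilib package on an x86_64 host is reported separately, as it is updated separately.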

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
samba-3.0.28-1.el5_2.1.src.rpm
File outdated by:  RHBA-2009:0251
    MD5: c8744eed3b3769a88d42ea5e40b6f913
 
IA-32:
samba-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: ff885e0c6bb806e4c776dc11637033f9
samba-client-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: d0c0753383c698e8a867e962a1dc6eac
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: aad625501297c2215fc2e92ac7de3883
samba-swat-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 3ed5051cf26776579da9171c1ea06422
 
IA-64:
samba-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: bffc7c59bf4b4d95c93d8133e1a809c0
samba-client-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: c4409b5b9c1019f3da1ba632c251f8de
samba-common-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: d52867fd43964687848e71fffe1ba56f
samba-swat-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: dd4acaae5a4b7536732296d0f878f07d
 
PPC:
samba-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: a192b606484547a9ea07c0625dbe00c0
samba-client-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: f57a6af5082cf952d1813cb169c199dc
samba-common-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: b367994c453c9e020473572efa594ab6
samba-common-3.0.28-1.el5_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0305
    MD5: b02df5a8353e945211b1f3c77a3ecd4c
samba-swat-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: 776e8cd67a4bdc85d64614c53badfcbd
 
s390x:
samba-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 71dca4f7a4313504bac85b43fcfd201d
samba-client-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: edde80529204f370233bd8b83fdde688
samba-common-3.0.28-1.el5_2.1.s390.rpm
File outdated by:  RHSA-2014:0305
    MD5: 62fe1fcdc613f81d778559c66f817733
samba-common-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: bdcd4149da834ae6f4380c0baaa94924
samba-swat-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 20a9a28c2428a1dc12d992992a2b5ba8
 
x86_64:
samba-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 28b93c0ca44a2d5bf4715e376cb029a4
samba-client-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: b352852eab120e68a912d2b6c7719cb2
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: aad625501297c2215fc2e92ac7de3883
samba-common-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 490e730fe6ec48a1799bb50c983684e0
samba-swat-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: f7150764465b0f724cbce295d1d06e4b
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
samba-3.0.28-1.el5_2.1.src.rpm
File outdated by:  RHBA-2009:0251
    MD5: c8744eed3b3769a88d42ea5e40b6f913
 
IA-32:
samba-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: ff885e0c6bb806e4c776dc11637033f9
samba-client-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: d0c0753383c698e8a867e962a1dc6eac
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: aad625501297c2215fc2e92ac7de3883
samba-swat-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 3ed5051cf26776579da9171c1ea06422
 
x86_64:
samba-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 28b93c0ca44a2d5bf4715e376cb029a4
samba-client-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: b352852eab120e68a912d2b6c7719cb2
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: aad625501297c2215fc2e92ac7de3883
samba-common-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 490e730fe6ec48a1799bb50c983684e0
samba-swat-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: f7150764465b0f724cbce295d1d06e4b
 
Red Hat Enterprise Linux EUS (v. 5.2.z server)

SRPMS:
samba-3.0.28-1.el5_2.1.src.rpm
File outdated by:  RHBA-2009:0251
    MD5: c8744eed3b3769a88d42ea5e40b6f913
 
IA-32:
samba-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHBA-2009:0251
    MD5: ff885e0c6bb806e4c776dc11637033f9
samba-client-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHBA-2009:0251
    MD5: d0c0753383c698e8a867e962a1dc6eac
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHBA-2009:0251
    MD5: aad625501297c2215fc2e92ac7de3883
samba-swat-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHBA-2009:0251
    MD5: 3ed5051cf26776579da9171c1ea06422
 
IA-64:
samba-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHBA-2009:0251
    MD5: bffc7c59bf4b4d95c93d8133e1a809c0
samba-client-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHBA-2009:0251
    MD5: c4409b5b9c1019f3da1ba632c251f8de
samba-common-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHBA-2009:0251
    MD5: d52867fd43964687848e71fffe1ba56f
samba-swat-3.0.28-1.el5_2.1.ia64.rpm
File outdated by:  RHBA-2009:0251
    MD5: dd4acaae5a4b7536732296d0f878f07d
 
PPC:
samba-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHBA-2009:0251
    MD5: a192b606484547a9ea07c0625dbe00c0
samba-client-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHBA-2009:0251
    MD5: f57a6af5082cf952d1813cb169c199dc
samba-common-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHBA-2009:0251
    MD5: b367994c453c9e020473572efa594ab6
samba-common-3.0.28-1.el5_2.1.ppc64.rpm
File outdated by:  RHBA-2009:0251
    MD5: b02df5a8353e945211b1f3c77a3ecd4c
samba-swat-3.0.28-1.el5_2.1.ppc.rpm
File outdated by:  RHBA-2009:0251
    MD5: 776e8cd67a4bdc85d64614c53badfcbd
 
s390x:
samba-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHBA-2009:0251
    MD5: 71dca4f7a4313504bac85b43fcfd201d
samba-client-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHBA-2009:0251
    MD5: edde80529204f370233bd8b83fdde688
samba-common-3.0.28-1.el5_2.1.s390.rpm
File outdated by:  RHBA-2009:0251
    MD5: 62fe1fcdc613f81d778559c66f817733
samba-common-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHBA-2009:0251
    MD5: bdcd4149da834ae6f4380c0baaa94924
samba-swat-3.0.28-1.el5_2.1.s390x.rpm
File outdated by:  RHBA-2009:0251
    MD5: 20a9a28c2428a1dc12d992992a2b5ba8
 
x86_64:
samba-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2009:0251
    MD5: 28b93c0ca44a2d5bf4715e376cb029a4
samba-client-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2009:0251
    MD5: b352852eab120e68a912d2b6c7719cb2
samba-common-3.0.28-1.el5_2.1.i386.rpm
File outdated by:  RHBA-2009:0251
    MD5: aad625501297c2215fc2e92ac7de3883
samba-common-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2009:0251
    MD5: 490e730fe6ec48a1799bb50c983684e0
samba-swat-3.0.28-1.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2009:0251
    MD5: f7150764465b0f724cbce295d1d06e4b
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

444637 - Join fails with stricter w2k3 security options set
446724 - CVE-2008-1105 Samba client buffer overflow
447380 - Signing issue: "Server packet had invalid SMB signature" with some Win2K servers


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/