Security Advisory Critical: samba security update

Advisory: RHSA-2007:1013-7
Type: Security Advisory
Severity: Critical
Issued on: 2007-11-15
Last updated on: 2007-11-15
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2007-4572
CVE-2007-5398

Details

Updated samba packages that fix several security issues are now available
for Red Hat Enterprise Linux 2.1 and 3.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Samba is a suite of programs used by machines to share files, printers, and
other information.

A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)
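
A triage check for the WINS precondition described above, added here as an example and not part of the Red Hat advisory: it reads smb.conf text and reports whether the [global] section enables `wins support`. The function names and sample configurations are constructed for illustration; `include` directives are not followed, and the set of true spellings is an assumption about Samba's boolean parsing.

```python
import re

# Boolean spellings treated as true (assumed to match Samba's parser).
TRUE_VALUES = {"yes", "true", "on", "1"}

def _logical_lines(text):
    """Yield stripped smb.conf lines, joining trailing-backslash continuations."""
    pending = ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        pending = ""
        yield line
    if pending:
        yield pending

def wins_server_enabled(smb_conf_text):
    """True if [global] sets 'wins support' to a true value (default: False)."""
    section, enabled = None, False
    for line in _logical_lines(smb_conf_text):
        if not line or line[0] in "#;":          # blank line or comment
            continue
        m = re.match(r"\[(.*)\]$", line)
        if m:                                     # section header
            section = m.group(1).strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Parameter names are case-insensitive and ignore embedded whitespace.
        if re.sub(r"\s+", "", name).lower() == "winssupport":
            enabled = value.strip().lower() in TRUE_VALUES   # last one wins
    return enabled

# Constructed sample configurations (not taken from the advisory).
SAMPLE_WINS_SERVER = """
[global]
   ; wins support = no
   WINS Support = Yes
[share]
   path = /srv/share
"""
SAMPLE_WINS_CLIENT = """
[global]
   wins server = 192.0.2.10
"""

if __name__ == "__main__":
    print(wins_server_enabled(SAMPLE_WINS_SERVER), wins_server_enabled(SAMPLE_WINS_CLIENT))
```

A host that reports True here and still runs a samba package older than the versions listed under "Updated packages" is the configuration the CVE-2007-5398 paragraph describes.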

A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and that under most circumstances
it will not result in a crash of the Samba server. (CVE-2007-4572)

Red Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba
developers for responsibly disclosing these issues.

Users of Samba are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
samba-3.0.9-1.3E.14.1.src.rpm
File outdated by:  RHSA-2010:0697
    MD5: 109ff11f7bae2ea32001733dfcb494a4
 
IA-32:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-client-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: bfb5a0569b61135deb3f9364fa36da1b
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-swat-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: ae11744aa2d5e3acb6005049376645d1
 
x86_64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 27c811b470b7350b3139448d74f2de27
samba-client-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 63cc1e310310586bbeff693cd5353a49
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 689ce45d04eba3215f144691815ab8bb
samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 984deb53f02277f5cb4e7aac5c44ea0a
 
Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
samba-2.2.12-1.21as.8.1.src.rpm
File outdated by:  RHSA-2008:0288
    MD5: c256e2c91c123f1832f52acd841c723e
 
IA-32:
samba-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 3668a9e0f562d8f90cc663a0d4947511
samba-client-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 7ad1f876f07f3350ed11e08cd2dfd048
samba-common-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: b9b6703ad46f5e07a2c353c4f3213bbd
samba-swat-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 1b096bad8e57d2f8312d8b5481693594
 
IA-64:
samba-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: a63a1829e8d3585e0f9598cbb585ff95
samba-client-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: 139643a501d501a38a9841537bbff295
samba-common-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: ed8b98dbb27211c6f40e0d91726082fa
samba-swat-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: 4f070a66e6afd76da95e0c7c7a9b1251
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
samba-3.0.9-1.3E.14.1.src.rpm
File outdated by:  RHSA-2010:0697
    MD5: 109ff11f7bae2ea32001733dfcb494a4
 
IA-32:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-client-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: bfb5a0569b61135deb3f9364fa36da1b
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-swat-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: ae11744aa2d5e3acb6005049376645d1
 
IA-64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: e199d3394b047493501054854becba95
samba-client-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 7683498f19d4dc2457c94c2b2c383c5c
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 072b014b104dd5c3e47cb7ff95f49c19
samba-swat-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 90d018a6319715a6ebaa8ec589d6a5ed
 
PPC:
samba-3.0.9-1.3E.14.1.ppc.rpm
File outdated by:  RHSA-2010:0697
    MD5: 2d19e0c0dd38a67a58f7554ed1813960
samba-3.0.9-1.3E.14.1.ppc64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 7220d706da598f65fb2034c59436ca39
samba-client-3.0.9-1.3E.14.1.ppc.rpm
File outdated by:  RHSA-2010:0697
    MD5: e0b4f4c3d2b1a0110e4cd854ee4b5d63
samba-common-3.0.9-1.3E.14.1.ppc.rpm
File outdated by:  RHSA-2010:0697
    MD5: bb761b0be35251a3271fe517485b73fc
samba-common-3.0.9-1.3E.14.1.ppc64.rpm
File outdated by:  RHSA-2010:0697
    MD5: fa3ebbb6aff8c03433d314fdf7907eda
samba-swat-3.0.9-1.3E.14.1.ppc.rpm
File outdated by:  RHSA-2010:0697
    MD5: ea9388a3ef700197148af7217cab23e7
 
s390:
samba-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: 442c0489b0b6e47c30d29920d86ad1c6
samba-client-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: 8fd814d9aaf60d506c00458f046e135f
samba-common-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: ad59ab1c42546e3713d8e2fa06ca5dcf
samba-swat-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: ff6c34142632863ceeba2b51ee6ab63d
 
s390x:
samba-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: 442c0489b0b6e47c30d29920d86ad1c6
samba-3.0.9-1.3E.14.1.s390x.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4631bddcfdea1831b9e710788663b2f3
samba-client-3.0.9-1.3E.14.1.s390x.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4ed24e0dc5a06239b696b7ca3f0299af
samba-common-3.0.9-1.3E.14.1.s390.rpm
File outdated by:  RHSA-2010:0697
    MD5: ad59ab1c42546e3713d8e2fa06ca5dcf
samba-common-3.0.9-1.3E.14.1.s390x.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4e802689c31db058065f7899f2fcc0c9
samba-swat-3.0.9-1.3E.14.1.s390x.rpm
File outdated by:  RHSA-2010:0697
    MD5: 1314e87a446697fe5b76a621b5cfff58
 
x86_64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 27c811b470b7350b3139448d74f2de27
samba-client-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 63cc1e310310586bbeff693cd5353a49
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 689ce45d04eba3215f144691815ab8bb
samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 984deb53f02277f5cb4e7aac5c44ea0a
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
samba-2.2.12-1.21as.8.1.src.rpm
File outdated by:  RHSA-2008:0288
    MD5: c256e2c91c123f1832f52acd841c723e
 
IA-32:
samba-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 3668a9e0f562d8f90cc663a0d4947511
samba-client-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 7ad1f876f07f3350ed11e08cd2dfd048
samba-common-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: b9b6703ad46f5e07a2c353c4f3213bbd
samba-swat-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 1b096bad8e57d2f8312d8b5481693594
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
samba-3.0.9-1.3E.14.1.src.rpm
File outdated by:  RHSA-2010:0697
    MD5: 109ff11f7bae2ea32001733dfcb494a4
 
IA-32:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-client-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: bfb5a0569b61135deb3f9364fa36da1b
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-swat-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: ae11744aa2d5e3acb6005049376645d1
 
IA-64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: e199d3394b047493501054854becba95
samba-client-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 7683498f19d4dc2457c94c2b2c383c5c
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 072b014b104dd5c3e47cb7ff95f49c19
samba-swat-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 90d018a6319715a6ebaa8ec589d6a5ed
 
x86_64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 27c811b470b7350b3139448d74f2de27
samba-client-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 63cc1e310310586bbeff693cd5353a49
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 689ce45d04eba3215f144691815ab8bb
samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 984deb53f02277f5cb4e7aac5c44ea0a
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
samba-2.2.12-1.21as.8.1.src.rpm
File outdated by:  RHSA-2008:0288
    MD5: c256e2c91c123f1832f52acd841c723e
 
IA-32:
samba-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 3668a9e0f562d8f90cc663a0d4947511
samba-client-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 7ad1f876f07f3350ed11e08cd2dfd048
samba-common-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: b9b6703ad46f5e07a2c353c4f3213bbd
samba-swat-2.2.12-1.21as.8.1.i386.rpm
File outdated by:  RHSA-2008:0288
    MD5: 1b096bad8e57d2f8312d8b5481693594
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
samba-3.0.9-1.3E.14.1.src.rpm
File outdated by:  RHSA-2010:0697
    MD5: 109ff11f7bae2ea32001733dfcb494a4
 
IA-32:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-client-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: bfb5a0569b61135deb3f9364fa36da1b
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-swat-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: ae11744aa2d5e3acb6005049376645d1
 
IA-64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: e199d3394b047493501054854becba95
samba-client-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 7683498f19d4dc2457c94c2b2c383c5c
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 072b014b104dd5c3e47cb7ff95f49c19
samba-swat-3.0.9-1.3E.14.1.ia64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 90d018a6319715a6ebaa8ec589d6a5ed
 
x86_64:
samba-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: 4de0c6d2dae246e46a56db2cec7b64de
samba-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 27c811b470b7350b3139448d74f2de27
samba-client-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 63cc1e310310586bbeff693cd5353a49
samba-common-3.0.9-1.3E.14.1.i386.rpm
File outdated by:  RHSA-2010:0697
    MD5: e7b6b04bdf7d0051d2c49272c155fd08
samba-common-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 689ce45d04eba3215f144691815ab8bb
samba-swat-3.0.9-1.3E.14.1.x86_64.rpm
File outdated by:  RHSA-2010:0697
    MD5: 984deb53f02277f5cb4e7aac5c44ea0a
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
samba-2.2.12-1.21as.8.1.src.rpm
File outdated by:  RHSA-2008:0288
    MD5: c256e2c91c123f1832f52acd841c723e
 
IA-64:
samba-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: a63a1829e8d3585e0f9598cbb585ff95
samba-client-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: 139643a501d501a38a9841537bbff295
samba-common-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: ed8b98dbb27211c6f40e0d91726082fa
samba-swat-2.2.12-1.21as.8.1.ia64.rpm
File outdated by:  RHSA-2008:0288
    MD5: 4f070a66e6afd76da95e0c7c7a9b1251
 

Bugs fixed (see bugzilla for more information)

294631 - CVE-2007-4572 samba buffer overflow
358831 - CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/