Next Page >>
smbclient
===========================================================
Ubuntu Security Notice USN-839-1 October 01, 2009
samba vulnerabilities
CVE-2009-1886, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906,
CVE-2009-2948
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Samba: Execution of arbitrary code
Date: November 20, 2007
Bugs: #197519
ID: 200711-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 16, 2010
I. BACKGROUND
Samba is an open-source Unix server application used to implement
Windows file sharing and domain controlling functionality. For more
information, please visit: http://www.samba.org
II. DESCRIPTION
- -------------------------------------------------------------------
~ VMware Security Advisory
Advisory ID: VMSA-2008-0003
Synopsis: Moderate: Updated aacraid driver and samba
~ and python service console updates
Issue date: 2008-02-04
Updated on: 2008-02-04 (initial release of advisory)
CVE numbers: CVE-2007-6015 CVE-2006-7228 CVE-2007-2052
~ CVE-2007-4965 CVE-2007-4308
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================
Ubuntu Security Notice USN-544-2 November 16, 2007
samba regression
CVE-2007-4572, https://launchpad.net/bugs/163042
===========================================================
A security issue affects the following Ubuntu releases:
Samba Remote Directory Traversal
logic fuckup discovered & exploited by Kingcope in 2010
It seems there was a quite similar bug found back in 2004:
http://marc.info/?l=bugtraq&m=109658688505723&w=2
A remote attacker can read, list and retrieve nearly all files on the System remotely.
Required is a valid samba account for a share which is writeable OR
a writeable share which is configured to be a guest account share,
in this case this is a preauth exploit.
===========================================================
Ubuntu Security Notice USN-617-1 June 17, 2008
samba vulnerabilities
CVE-2007-4572, CVE-2008-1105
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.04
== Subject: Boundary failure when parsing SMB responses
== can result in a buffer overrun
==
== CVE ID#: CVE-2008-1105
==
== Versions: Samba 3.0.0 - 3.0.29 (inclusive)
==
== Summary: Specifically crafted SMB responses can result
== in a heap overflow in the Samba client code.
== Because the server process, smbd, can itself
== act as a client during operations such as
===========================================================
Ubuntu Security Notice USN-918-1 March 24, 2010
samba vulnerability
CVE-2010-0926
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================
Ubuntu Security Notice USN-544-1 November 16, 2007
samba vulnerabilities
CVE-2007-4572, CVE-2007-5398
===========================================================
A security issue affects the following Ubuntu releases:
Mandriva Linux Security Advisory MDVSA-2009:320
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : December 6, 2009
Affected: 2008.0
_______________________________________________________________________
Problem Description:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Samba: Execution of arbitrary code
Date: December 10, 2007
Bugs: #200773
ID: 200712-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
===========================================================
Ubuntu Security Notice USN-556-1 December 18, 2007
samba vulnerability
CVE-2007-6015
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
== Subject: Stack buffer overflow in nmbd's logon
== request processing.
==
== CVE ID#: CVE-2007-4572
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
==
== Summary: Processing of specially crafted GETDC
== mailslot requests can result in a buffer
== overrun in nmbd. It is not believed that
== that this issues can be exploited to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
======================================================================
Secunia Research 15/11/2007
- Samba "reply_netbios_packet()" Buffer Overflow Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Debian Security Advisory DSA-1409-2 security@debian.org
http://www.debian.org/security/ Steve Kemp
November 26, 2007 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : samba
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-4572, CVE-2007-5398
== domain users using the rfc2307 or sfu
== winbind nss info plugin.
==
== CVE ID#: CVE-2007-4138
==
== Versions: Samba 3.0.25 - 3.0.25c (inclusive)
==
== Summary: When the "winbind nss info" parameter in
== smb.conf is set to either "sfu" or "rfc2307",
== Windows users are incorrectly assigned
== a primary gid of 0 in the absence of the
Mandriva Linux Security Advisory MDVSA-2009:277
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : October 14, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01475657
Version: 1
HPSBUX02341 SSRT080075 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-06-23
Last Updated: 2008-06-23
Mandriva Linux Security Advisory MDVSA-2009:196
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : August 7, 2009
Affected: 2009.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01377687
Version: 1
HPSBUX02316 SSRT071495 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-03-10
Last Updated: 2008-03-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01475657
Version: 1
HPSBUX02341 SSRT080075 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-06-23
Last Updated: 2008-06-23
Debian Security Advisory DSA-1908-1 security@debian.org
http://www.debian.org/security/ Nico Golde
October 14th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : samba
Vulnerability : several
Problem type : local/remote
Debian-specific: no
Debian bug : none
CVE ID : CVE-2009-2948 CVE-2009-2906 CVE-2009-2813
First and foremost I did not know about the configuration setting which
closes the bug when i posted the advisory. So this was my mistake.
But for the most servers which are not entirely hardened (and my
assumption is that this applies to many servers in internal networks)
the traversal can be a serious issue, because a samba user (even nobody)
can create the symlinks. It would in my point of view be more secure to
only allow administrators to create symlinks as it is intended.
Again I might be wrong with this thought.
I first audited Windows Server 2008 for the new SMB2 hardlinking
features. Symlinking on a windows server is possible but only when the
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Samba: Data disclosure
Date: March 07, 2009
Bugs: #247620
ID: 200903-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
== Subject: Boundary failure in GETDC mailslot
== processing can result in a buffer overrun
==
== CVE ID#: CVE-2007-6015
==
== Versions: Samba 3.0.0 - 3.0.27a (inclusive)
==
== Summary: Specifically crafted GETDC mailslot requests
== can trigger a boundary error in the domain
== controller GETDC mail slot support which
== can be remotely exploited to execute arbitrary
Debian Security Advisory 1409 security@debian.org
http://www.debian.org/security/ Steve Kemp
November 22, 2007 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : samba
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-4572, CVE-2007-5398
Debian Security Advisory DSA-1409-3 security@debian.org
http://www.debian.org/security/ Steve Kemp
November 29, 2007 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : samba
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-4572, CVE-2007-5398
===========================================================
Ubuntu Security Notice USN-617-2 June 30, 2008
samba regression
CVE-2008-1105, https://bugs.launchpad.net/bugs/241448
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.04
Next Page>>
|
