Samba 2.0.8 security fix

From: tridge@SAMBA.ORG
Date: Wed Apr 18 2001 - 02:06:48 CEST

    I've just released Samba 2.0.8. This release fixes a significant
    security vulnerability that allows local users to corrupt local
    devices (such as raw disks).

    For most users the Samba Team recommends Samba 2.2.0 which has just
    been released. Version 2.2.0 has all the security fixes plus many new
    features and other bug fixes. Version 2.0.8 is meant for very
    conservative sites that want an absolutely minimal security fix rather
    than a large update.

    The security hole was found by Marcus Meissner
    (Marcus.Meissner@caldera.de) during a routine security audit of the
    Samba source code. Many thanks to Marcus and Caldera for taking the
    time to audit the code. The hole involved an incorrect usage of
    temporary files and can be exploited by a local user with a shell
    account on the Samba server to destroy data on a local device, such as
    /dev/hda. The exploit is relatively easy to perform so all sites with
    untrusted local users should update immediately to either version
    2.0.8 or version 2.2.0.

    The 2.0.8 release is available at
        ftp://ftp.samba.org/pub/samba/samba-2.0.8.tar.gz
    the patch is available at:
        ftp://ftp.samba.org/pub/samba/patches/samba-2.0.7-2.0.8.diffs.gz

    The 2.2.0 release is available at:
        ftp://ftp.samba.org/pub/samba/samba-2.2.0.tar.gz

    We do not plan on doing any more releases of Samba 2.0.x.

    Distribution vendors have been notified about the security fix and
    will be doing new releases shortly.

    Cheers, Tridge



    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 22:29:16 CEST