Debian Security Advisory

DSA-048-3 samba -- symlink attack

Date Reported:
9 May 2001
Affected Packages:
samba
Vulnerable:
Yes
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 2617.
In Mitre's CVE dictionary: CVE-2001-0406.
More information:
Marcus Meissner discovered that Samba was not creating temporary files securely in two places:
  • when a remote user viewed the print queue, Samba created a temporary file to which the queue data was written. This was done with a predictable filename, and insecurely, which allowed a local user to trick Samba into overwriting arbitrary files.
  • the "more" and "mput" commands in smbclient also created temporary files in /tmp insecurely.
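The mechanism behind both findings, shown here as an added illustration that is not Samba's code: a program that opens a temporary file under a fixed, guessable name with O_CREAT|O_TRUNC follows any symlink a local attacker planted at that name beforehand and truncates the link's target with the program's own privileges. The demo below stages the attack inside a private mkdtemp() directory (all file names such as victim.txt and queue.tmp are made up for the demo) and contrasts the insecure open with two fixes: O_EXCL|O_NOFOLLOW on a fixed name, which refuses to reuse a path that already exists, and mkstemp(), which picks an unpredictable name and opens it exclusively in one step.

```c
/* Symlink attack on a predictably named temporary file, and two safe
 * alternatives.  Added illustration for DSA-048; this is NOT Samba's code,
 * and the file names (victim.txt, queue.tmp) are made up for the demo. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Insecure: fixed, guessable name; O_TRUNC follows a pre-planted symlink and
 * truncates whatever it points to with the privileges of the caller. */
int open_tmp_insecure(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Safer: O_EXCL makes open() fail with EEXIST if anything, including a
 * symlink, already sits at the path; O_NOFOLLOW is belt-and-braces and
 * mode 0600 keeps other users out of the file. */
int open_tmp_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Best: mkstemp() picks an unpredictable name and opens it O_EXCL, mode
 * 0600, atomically.  The template buffer is rewritten with the chosen name. */
int open_tmp_random(char *template) {
    return mkstemp(template);
}

/* Stage the attack.  mode 0 = insecure open, 1 = exclusive open, 2 = mkstemp.
 * Returns 1 if the attacker's target file was clobbered, 0 if it survived,
 * -1 on a setup error.  Everything happens under a private mkdtemp() dir. */
int simulate_attack(int mode) {
    char dir[] = "/tmp/dsa048-demoXXXXXX";
    if (!mkdtemp(dir)) {                  /* fall back to cwd if /tmp is read-only */
        strcpy(dir, "./dsa048-demoXXXXXX");
        if (!mkdtemp(dir)) return -1;
    }

    char victim[256], link[256], tmpl[256];
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(link, sizeof link, "%s/queue.tmp", dir);   /* the predictable name */
    snprintf(tmpl, sizeof tmpl, "%s/queueXXXXXX", dir); /* mkstemp template  */

    /* Target the attacker wants overwritten (stand-in for a system file). */
    int fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (write(fd, "secret\n", 7) != 7) { close(fd); return -1; }
    close(fd);

    /* Attacker pre-plants a symlink at the name the daemon is known to use. */
    if (symlink(victim, link) != 0) return -1;

    /* The daemon now "writes its queue listing" to the temporary file. */
    switch (mode) {
    case 0:  fd = open_tmp_insecure(link);  break;
    case 1:  fd = open_tmp_exclusive(link); break;
    default: fd = open_tmp_random(tmpl);    break;
    }
    if (fd >= 0) {
        if (write(fd, "queue data\n", 11) != 11) { /* ignore for the demo */ }
        close(fd);
    }

    /* Did the victim survive untouched? */
    char buf[32] = {0};
    fd = open(victim, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    int clobbered = (n != 7 || strncmp(buf, "secret\n", 7) != 0);

    /* Cleanup. */
    unlink(link);
    unlink(victim);
    if (mode == 2) unlink(tmpl);
    rmdir(dir);
    return clobbered;
}

int main(void) {
    printf("insecure open:  victim clobbered = %d\n", simulate_attack(0));
    printf("O_EXCL open:    victim clobbered = %d\n", simulate_attack(1));
    printf("mkstemp:        victim clobbered = %d\n", simulate_attack(2));
    return 0;
}
```

Run as an ordinary user the insecure variant reports the victim clobbered (the symlink was followed and the target truncated), while both fixed variants leave it intact: the exclusive open fails with EEXIST because a symlink already occupies the path, and mkstemp() never touches the attacker's name at all. Note that O_EXCL alone stops the overwrite but still lets a local user deny service by squatting on the fixed name, which is why the unpredictable name from mkstemp() is the preferred fix.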

Both problems have been fixed in version 2.0.7-3.2, and we recommend that you upgrade your samba package immediately. (This problem is also fixed in the Samba 2.2 code.)

Note: DSA-048-1 included an incorrectly compiled sparc package, which the second revision of this advisory fixed.

The third revision of this advisory was written because Marc Jacobsen from HP discovered that the security fixes from Samba 2.0.8 did not completely fix the /tmp symlink attack. The Samba team released version 2.0.9 to fix that, and those fixes have been added to version 2.0.7-3.3 of the Debian samba package.

Fixed in:

Debian GNU/Linux 2.2 (potato)

Source:
http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7-3.3.diff.gz
http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7-3.3.dsc
http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7.orig.tar.gz
Architecture-independent component:
http://security.debian.org/dists/stable/updates/main/binary-all/samba-doc_2.0.7-3.3_all.deb
Alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/samba-common_2.0.7-3.3_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/samba_2.0.7-3.3_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/smbclient_2.0.7-3.3_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/smbfs_2.0.7-3.3_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/swat_2.0.7-3.3_alpha.deb
ARM:
http://security.debian.org/dists/stable/updates/main/binary-arm/samba-common_2.0.7-3.3_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/samba_2.0.7-3.3_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/smbclient_2.0.7-3.3_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/smbfs_2.0.7-3.3_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/swat_2.0.7-3.3_arm.deb
Intel IA-32:
http://security.debian.org/dists/stable/updates/main/binary-i386/samba-common_2.0.7-3.3_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/samba_2.0.7-3.3_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/smbclient_2.0.7-3.3_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/smbfs_2.0.7-3.3_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/swat_2.0.7-3.3_i386.deb
Motorola 680x0:
http://security.debian.org/dists/stable/updates/main/binary-m68k/samba-common_2.0.7-3.3_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/samba_2.0.7-3.3_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/smbclient_2.0.7-3.3_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/smbfs_2.0.7-3.3_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/swat_2.0.7-3.3_m68k.deb
PowerPC:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/samba-common_2.0.7-3.3_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/samba_2.0.7-3.3_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/smbclient_2.0.7-3.3_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/smbfs_2.0.7-3.3_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/swat_2.0.7-3.3_powerpc.deb
Sun Sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/samba-common_2.0.7-3.3_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/samba_2.0.7-3.3_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/smbclient_2.0.7-3.3_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/smbfs_2.0.7-3.3_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/swat_2.0.7-3.3_sparc.deb