Debian Security Advisory

DSA-262-1 samba -- remote exploit

Date reported:
15 Mar 2003
Affected packages:
samba
Vulnerable:
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 7107, BugTraq ID 7106.
In Mitre's CVE dictionary: CVE-2003-0085, CVE-2003-0086.
More information:

Sebastian Krahmer of the SuSE security audit team found two problems in samba, a popular SMB/CIFS implementation. The problems are:

  • a buffer overflow in the SMB/CIFS packet fragment reassembly code used by smbd. Since smbd runs as root, an attacker could use this to gain root access to a machine running smbd.
  • the code that writes reg files was vulnerable to a chown race, which made it possible for a local user to write to system files.
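The first issue is a bounds failure in fragment reassembly. The following is an added illustrative example, not Samba's code: a fixed-size reassembly buffer whose fragment handler rejects any fragment that would land outside the buffer or past the declared message length, including offsets chosen to wrap `offset + len`. The structure, field names and buffer size are assumptions for the example.

```c
/* Added example (not Samba's code): bounded fragment reassembly.
 * The check in reasm_add() is the one whose absence turns a fragment
 * with a bad offset or length into a buffer overflow in the daemon. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define REASM_MAX 1024  /* assumed fixed reassembly buffer size */

struct reasm {
    uint8_t buf[REASM_MAX];
    size_t  total;     /* declared length of the reassembled message */
    size_t  received;  /* bytes accepted so far (simple count) */
};

/* Start reassembling a message of `total` bytes.
 * Returns 0, or -1 if the declared total cannot fit the buffer. */
int reasm_start(struct reasm *r, size_t total)
{
    if (total > REASM_MAX)
        return -1;
    r->total = total;
    r->received = 0;
    return 0;
}

/* Accept one fragment of `len` bytes at `offset`.
 * Returns 0 on success, -1 if the fragment would write outside the
 * declared total. Written as `offset > total - len` so that a huge
 * offset cannot wrap `offset + len` back into range. */
int reasm_add(struct reasm *r, size_t offset, const uint8_t *data, size_t len)
{
    if (len > r->total || offset > r->total - len)
        return -1;
    memcpy(r->buf + offset, data, len);
    r->received += len;
    return 0;
}

/* 1 when as many bytes as declared have been accepted. A production
 * implementation would track filled ranges rather than a byte count. */
int reasm_complete(const struct reasm *r)
{
    return r->received == r->total;
}
```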

Both problems have been fixed in version 2.2.8 and in version 2.2.3a-12.1 of the package for Debian GNU/Linux 3.0/woody.

Fixed in:

Debian GNU/Linux 3.0 (woody)

Sources:
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1.dsc
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1.diff.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-12.1_all.deb
alpha (DEC Alpha):
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_alpha.deb
arm (ARM):
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_arm.deb
hppa (HP PA RISC):
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_hppa.deb
i386 (Intel ia32):
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_i386.deb
ia64 (Intel ia64):
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_ia64.deb
mips (MIPS (Big Endian)):
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_mips.deb
mipsel (MIPS (Little Endian)):
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_mipsel.deb
powerpc (PowerPC):
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_powerpc.deb
s390 (IBM S/390):
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_s390.deb
sparc (Sun SPARC/UltraSPARC):
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.1_sparc.deb

MD5 checksums of the listed files are available in the original advisory.