-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0318 -- [RedHat]
                      Critical: samba security update
                                15 May 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Samba
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
                      Red Hat Enterprise Linux 4
                      Red Hat Enterprise Linux 3
Impact:               Execute Arbitrary Code/Commands
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-2447 CVE-2007-2446

Ref:                  AL-2007.0065

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0354.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: samba security update
Advisory ID:       RHSA-2007:0354-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0354.html
Issue date:        2007-05-14
Updated on:        2007-05-14
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-2446 CVE-2007-2447 
- - ---------------------------------------------------------------------

1. Summary:

Updated samba packages that fix several security flaws are now available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Samba provides file and printer sharing services to SMB/CIFS clients.

Various bugs were found in NDR parsing, used to decode MS-RPC requests in
Samba.  A remote attacker could have sent carefully crafted requests
causing a heap overflow, which may have led to the ability to execute
arbitrary code on the server.  (CVE-2007-2446)

Unescaped user input parameters were being passed as arguments to /bin/sh.
A remote, authenticated user could have triggered this flaw and executed
arbitrary code on the server.  Additionally, on Red Hat Enterprise Linux 5
only, this flaw could be triggered by a remote unauthenticated user if
Samba was configured to use the non-default "username map script" option. 
(CVE-2007-2447)
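
The advisory ties unauthenticated exposure on Red Hat Enterprise Linux 5 to
the non-default "username map script" option. The shell check below is an
added example, not part of the Red Hat advisory: it reports whether an
smb.conf sets that option. The sample configuration and the script path
/usr/local/bin/mapuser.sh in it are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit smb.conf for the "username map script" option
# named in the advisory text for CVE-2007-2447.

# Print the effective value of "username map script" and return 0 if it is
# set to a non-empty value; return 1 otherwise. smb.conf parameter names are
# case-insensitive and whitespace inside them is ignored, so the name is
# normalised before comparison. The check is conservative: it reports the
# option wherever it appears, without tracking [section] scope.
username_map_script() {
    awk '
        # Rejoin lines continued with a trailing backslash.
        { line = pending $0; pending = "" }
        line ~ /\\$/ { sub(/\\$/, "", line); pending = line; next }
        # Skip blank lines and comments (";" or "#").
        line ~ /^[ \t]*([;#]|$)/ { next }
        # Skip [section] headers.
        line ~ /^[ \t]*\[/ { next }
        {
            eq = index(line, "=")
            if (eq == 0) next
            name = tolower(substr(line, 1, eq - 1))
            gsub(/[ \t]/, "", name)
            if (name == "usernamemapscript") {
                value = substr(line, eq + 1)
                sub(/^[ \t]+/, "", value)
                sub(/[ \t]+$/, "", value)
                found = value      # a later assignment overrides an earlier one
                hit = 1
            }
        }
        END {
            if (hit && found != "") { print found; exit 0 }
            exit 1
        }
    ' "$1"
}

# Print a one-line verdict for the given configuration file.
audit_smb_conf() {
    if script=$(username_map_script "$1"); then
        echo "SET: username map script = $script"
    else
        echo "OK: username map script not set"
    fi
}

# Constructed sample input: mixed case, extra spaces, a commented-out
# assignment and a continued line. The script path is hypothetical.
sample_conf() {
    cat <<'EOF'
[global]
   workgroup = EXAMPLE
   ; username map script = /bin/false
   UserName Map  Script = /usr/local/bin/\
mapuser.sh
[public]
   path = /srv/public
EOF
}

# Demo run on the constructed sample.
tmp=$(mktemp) && sample_conf > "$tmp" && audit_smb_conf "$tmp"; rm -f "$tmp"
```

On a host, pass the live configuration file to audit_smb_conf (typically
/etc/samba/smb.conf on Red Hat systems).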

Users of Samba should upgrade to these packages, which contain backported
patches to correct these issues.  After upgrading, Samba should be
restarted using "service smb restart".

On Red Hat Enterprise Linux 5 the impact of these issues is reduced as
Samba is constrained by the default SELinux "targeted" policy.

Red Hat would like to thank the Samba developers, TippingPoint, and
iDefense for reporting these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239429 - CVE-2007-2446 samba heap overflows
239774 - CVE-2007-2447 samba code injection

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.23c-2.el5.2.0.2.src.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.23c-2.el5.2.0.2.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
http://www.samba.org/samba/security/CVE-2007-2447.html
http://www.samba.org/samba/security/CVE-2007-2446.html
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGSH6bXlSAg2UNWIIRAkIvAJ97nu4wJsyNZjPddoOQbfDF4q73vgCgj2YH
783TzclOtLcX+wfiY9Qwjeo=
=8TZv
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRkkw/ih9+71yA2DNAQLkXgP+Lr14cl5uiNeWg+aaksgqyP6AbiGOSJrF
mFuJqDamvM34I0uNsInrzh/sfIkU1YsnSwampctt+XxGuYU/+n6mSqZT5GUWFljL
St8tuCANfi3Odsdz7hjXC7IisxJxqNWSBP9a/oD8dzdp+getMb313ZLfwaHMs9kI
Vq6+FIR5vvk=
=SJiP
-----END PGP SIGNATURE-----