Spring navigering over

• Om Debian
• Nyheder
• Få fat i Debian
• Support
• Udviklerhjørnet
• Sideoversigt
• Søg

Debians sikkerhedsbulletin

DSA-200-1 samba -- fjernudnyttelse

Rapporteret den:

22. nov 2002

Berørte pakker:

samba

Sårbar:

Ja

Referencer i sikkerhedsdatabaser:

I Mitres CVE-ordbog: CVE-2002-1318.

Yderligere oplysninger:

Steve Langasek har fundet en fejl i koden til håndtering adgangskoder i samba, som kan udnyttes: når der konverteres fra en DOS-codepage til little endian UCS2 unicode, kontrolleredes en bufferlængde ikke og en buffer kunne løbe over. Der er ingen kendte udnyttelser af dette, men det anbefales kraftigt at opgradere.

Dette problem er rettet i version 2.2.3a-12 af Debians samba-pakke og opstrøms 2.2.7.

Rettet i:

Debian GNU/Linux 3.0 (woody)

Kildekode:

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.dsc

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.diff.gz

Arkitekturuafhængig komponent:

http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-12_all.deb

alpha (DEC Alpha):

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_alpha.deb

arm (ARM):

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_arm.deb

hppa (HP PA RISC):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_hppa.deb

i386 (Intel ia32):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_i386.deb

ia64 (Intel ia64):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_ia64.deb

powerpc (PowerPC):

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_powerpc.deb

s390 (IBM S/390):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_s390.deb

sparc (Sun SPARC/UltraSPARC):

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.

Denne side findes også på følgende sprog:

Deutsch English español français Italiano 日本語 (Nihongo) Português suomi svenska 中文(简) 中文(HK) 中文(繁)

Sådan opsætter du standardsprogvalg for dokumenter