Hoppa över navigering

• Om Debian
• Nyheter
• Få tag på Debian
• Support
• Utvecklarhörnet
• Sidöversikt
• Sök

Säkerhetsbulletin från Debian

DSA-200-1 samba -- fjärrattack

Rapporterat den:

2002-11-22

Berörda paket:

samba

Sårbara:

Ja

Referenser i säkerhetsdatabaser:

I Mitres CVE-förteckning: CVE-2002-1318.

Ytterligare information:

Steve Langasek upptäckte ett fel i lösenordshanteringen i samba som kan utnyttjas: vid översättning från DOS-teckentabell till little endian-UCS2-Unicode kontrollerades inte en buffertlängd vilket gjorde att en buffert kunde spillas. Det finns inget känt sätt att utnyttja detta, men en uppgradering rekommenderas å det bestämdaste.

Detta problem har rättats i version 2.2.3a-12 av Debians sambapaket samt i uppströmsversion 2.2.7.

Rättat i:

Debian GNU/Linux 3.0 (woody)

Källkod:

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.dsc

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.diff.gz

Arkitekturoberoende komponent:

http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-12_all.deb

alpha (DEC Alpha):

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_alpha.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_alpha.deb

arm (ARM):

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_arm.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_arm.deb

hppa (HP PA RISC):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_hppa.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_hppa.deb

i386 (Intel ia32):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_i386.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_i386.deb

ia64 (Intel ia64):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_ia64.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_ia64.deb

powerpc (PowerPC):

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_powerpc.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_powerpc.deb

s390 (IBM S/390):

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_s390.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_s390.deb

sparc (Sun SPARC/UltraSPARC):

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12_sparc.deb

http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12_sparc.deb

MD5-kontrollsummor för dessa filer finns i originalbulletinen.

Denna sida finns även på följande språk:

dansk Deutsch English español français Italiano 日本語 (Nihongo) Português suomi 中文(简) 中文(HK) 中文(繁)

Så ställer du in standardspråkval för dokument