what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 460-2

Ubuntu Security Notice 460-2
Posted May 23, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 460-2 - USN-460-1 fixed several vulnerabilities in Samba. The upstream changes for CVE-2007-2444 had an unexpected side-effect in Feisty. Shares configured with the "force group" option no longer behaved correctly.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-2444
SHA-256 | ca0598a357569fce6ff669d7a3d77867c42650072d28dcc5457252e477124a60
Download | Favorite | View

Ubuntu Security Notice 460-2

Change Mirror Download
=========================================================== 
Ubuntu Security Notice USN-460-2               May 22, 2007
samba regression
http://bugs.debian.org/424629
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  samba                                    3.0.24-2ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-460-1 fixed several vulnerabilities in Samba.  The upstream changes 
for CVE-2007-2444 had an unexpected side-effect in Feisty.  Shares 
configured with the "force group" option no longer behaved correctly.  
This update corrects the problem.  We apologize for the inconvenience.

Original advisory details:

 Paul Griffith and Andrew Hogue discovered that Samba did not fully drop 
 root privileges while translating SIDs. A remote authenticated user 
 could issue SMB operations during a small window of opportunity and gain 
 root privileges.  (CVE-2007-2444)


Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2.diff.gz
      Size/MD5:   212153 6da96c74db7d1c09e641a152f8ee45e1
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2.dsc
      Size/MD5:     1491 1a52756b8bbb47f02c26fde99a9bb4ce
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24.orig.tar.gz
      Size/MD5: 17708128 89273f67a6d8067cbbecefaa13747153

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.0.24-2ubuntu1.2_all.deb
      Size/MD5:  6602776 f1ed1988f3c100b7fcee8cf79382111f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.24-2ubuntu1.2_all.deb
      Size/MD5:  6917070 34730228bbe70c548b9cc79076f5a90d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:   481854 ee8f1b1fbb9ddfcf17159ef2a13cd4d6
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:   116060 ef8a65e691ac3bc3cdc217d251d98c06
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:   868206 9ce9c5d75e3f5892bc942f9e791afbff
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python-samba_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:  6498044 a0daa795e35041c14e02ca111f853cb4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:  2691028 4895ca74acde997d07cdf39548f4d805
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5: 12259246 d5c64e437db85e4f5bfb4b02f0169c22
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:  3757146 15dff197838e3bbee6baf66044614fc4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:  4515276 997576caa9efe64f1e7133b63c2209fd
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:   479278 efb4d101652daeb2c0694e4789242d52
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:   903766 be129c5939f7587c589e0e8bd19c0d2f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.24-2ubuntu1.2_amd64.deb
      Size/MD5:  2164682 9a72462741f78fcecb5231ebbc4fa728

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:   435404 61bed726d70a5da7b415287b65ea879e
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:   116068 b1b17947b46671789d3e65f444aa85ff
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:   793818 042c7cd1cb0d6be9c6b2b041c0462107
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python-samba_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:  5907188 069670d6e0d21aae088efbad12e60974
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:  2437476 fe052cc018a5c926b4ece39f7fe60904
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5: 11858394 c452ee109a0b3d939eae2936e21880e0
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:  3341020 3ce55f95e53074e863f3cae5ced65516
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:  4015590 e75fbb06c321388db89d606e4683c88f
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:   426918 1d88ff8f4cd252ebf84a91832ae69923
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:   819738 fbd463381a1086b97507501587b15d06
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.24-2ubuntu1.2_i386.deb
      Size/MD5:  1924906 76636feed1ebc02974a81c8d792eaccc

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:   477712 077c3c5fb3684e84de52c0679bf95ba8
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:   116064 285cbcff21f77ec169ba95b3fd8f04b1
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:   859006 328330da8f556219f969782b73a05d55
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python-samba_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:  6536378 e92bcf3417bb11e10ff10c27225b3415
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:  2652786 1948f2f71806f948d10e6d852f67b81d
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5: 12571552 c79e1aeef927ef75004f8dea6e2809e4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:  3726154 7d7f5bf3d8143f5ffa4e9e2a63806542
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:  4453980 a791426c9b3b4ac3007ef44e1c73e699
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:   486838 59669eb741b45c186fe16526119d782a
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:   893204 8c05c4a8b66a722701e2d78187d49477
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.24-2ubuntu1.2_powerpc.deb
      Size/MD5:  2144258 83908708c55d4181859e0feb148dde67

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:   441942 c1c155969d490f566aa0f413a343a9e1
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:   116060 141c0d479be2682e20297979ccbc90e8
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:   796330 ecb5923067b06e44646d5bf5f2747803
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/python-samba_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:  5932424 9d4c506b28f34b816adb6bc0237a37b4
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:  2407996 06f0808891b90ae328e83cc8fceb7c30
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5: 10878116 47d21febc3f0d1a414e1ef4564fab09e
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:  3344900 258dda921d636448de7fedab29003261
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:  3962018 fdf2ccbff62ed1dde783c4bf8c127230
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:   435762 da146cdf227e40924842168b0b0688d3
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:   804986 f042b6a7afeec6c4ca1f1bc85fdb45cb
    http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.24-2ubuntu1.2_sparc.deb
      Size/MD5:  1922850 f093eef0428fb16f2d7c1bc3f43c5cb2

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close