Red Hat 9062 Published by

Updated samba packages are available for Red Hat Enterprise Linux 3

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated samba packages fix vulnerabilities
Advisory ID: RHSA-2004:259-01
Issue date: 2004-07-22
Updated on: 2004-07-22
Product: Red Hat Enterprise Linux
Keywords: smb
CVE Names: CAN-2004-0600 CAN-2004-0686
----------------------------------------------------------------------

1. Summary:

Updated samba packages that fix buffer overflows, as well as other various bugs, are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64



3. Problem description:

Samba provides file and printer sharing services to SMB/CIFS clients.

Evgeny Demidov discovered a flaw in the internal routine used by the Samba Web Administration Tool (SWAT) in Samba versions 3.0.2 through 3.0.4. When decoding base-64 data during HTTP basic authentication, an invalid base-64 character could cause a buffer overflow. If the SWAT administration service is enabled, this flaw could allow an attacker to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0600 to this issue.

Additionally, the Samba team discovered a buffer overflow in the code used to support the 'mangling method = hash' smb.conf option. Please be aware that the default setting for this parameter is 'mangling method = hash2' and therefore not vulnerable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0686 to this issue.

This release includes the updated upstream version 3.0.4 together with backported security patches to correct these issues as well as a number of post-3.0.4 bug fixes from the Samba subversion repository.

The most important bug fix allows Samba users to change their passwords if Microsoft patch KB 828741 (a critical update) had been applied.

All users of Samba should upgrade to these updated packages, which resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

114436 - samba consumes all memory then hangs z390 vmachine.
122749 - Samba is unable to read international characters in filenames
122527 - Need 'printing = cups' and 'cups options = raw'
102715 - samba spec needs epoch in versioned dependecies
121356 - spec file should install libsmbclient.so with executable permissions
119211 - smb.conf(5) manual page bug if you do not use UTF-8 based locale
117181 - local variable used before set
116560 - Missing BuildRequires: krb5-devel
125714 - NTBackup cannot access samba shares
123271 - Users get error message when changing passwords after applying KB828741
126296 - Requesting updated packages to 3.0.4

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.4-6.3E.src.rpm
44c2d603483eb9fcc8fa87bae65d6439 samba-3.0.4-6.3E.src.rpm

i386:
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
7567cae317313de3b0f8bfe3a6ce7f5b samba-client-3.0.4-6.3E.i386.rpm
368abe8b4c210cd35745bc753677f749 samba-common-3.0.4-6.3E.i386.rpm
59d0ac4df0b0fdf77c1344c7c528ecf1 samba-swat-3.0.4-6.3E.i386.rpm

ia64:
8821a2b70be8c4674ffc470a75b9c8da samba-3.0.4-6.3E.ia64.rpm
9b3fe88a1caa50667ac8f2786b36f158 samba-client-3.0.4-6.3E.ia64.rpm
f650cdcb87404cfc209ab0a34e68e767 samba-common-3.0.4-6.3E.ia64.rpm
a99a0d4dec075149d59da31b41014595 samba-swat-3.0.4-6.3E.ia64.rpm

ppc:
4a076b948d5588f52e27fe0f83c254db samba-3.0.4-6.3E.ppc.rpm
a2a4bdb973dd38374206ee76c1f23455 samba-3.0.4-6.3E.ppc64.rpm
41e77181eb945e45cb147788e8a50387 samba-client-3.0.4-6.3E.ppc.rpm
e3b14ae6410b5191c3dcbff7634f617f samba-common-3.0.4-6.3E.ppc.rpm
207a03e8fc38257ef0f81c87e628eb7a samba-swat-3.0.4-6.3E.ppc.rpm

s390:
984fa3cd0ca31eb764a8a73733d3d13e samba-3.0.4-6.3E.s390.rpm
d42b3cef9cf281c6cc0cf76f29335e42 samba-client-3.0.4-6.3E.s390.rpm
d8acc69df724d7fc8d4cf259d06b2236 samba-common-3.0.4-6.3E.s390.rpm
4c0444ceba9395d22fb8c6de6833fc76 samba-swat-3.0.4-6.3E.s390.rpm

s390x:
aa5a1ab3c6ad612086774d94108f09d5 samba-3.0.4-6.3E.s390x.rpm
984fa3cd0ca31eb764a8a73733d3d13e samba-3.0.4-6.3E.s390.rpm
a0d0319d4248bee79e4d9253947518da samba-client-3.0.4-6.3E.s390x.rpm
623b63e0e5bcb187c4cc3b8e03e263e2 samba-common-3.0.4-6.3E.s390x.rpm
29f036def3a798e117d549c63d510800 samba-swat-3.0.4-6.3E.s390x.rpm

x86_64:
1397c3732a4a45940be9e61b42707f76 samba-3.0.4-6.3E.x86_64.rpm
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
55ac2fc0c18887a94e0fec184e06c25e samba-client-3.0.4-6.3E.x86_64.rpm
07939e1376609d71e6da03b28f568f3f samba-common-3.0.4-6.3E.x86_64.rpm
16538cc81a03dffc6b2bf595b77fdc02 samba-swat-3.0.4-6.3E.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.4-6.3E.src.rpm
44c2d603483eb9fcc8fa87bae65d6439 samba-3.0.4-6.3E.src.rpm

i386:
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
7567cae317313de3b0f8bfe3a6ce7f5b samba-client-3.0.4-6.3E.i386.rpm
368abe8b4c210cd35745bc753677f749 samba-common-3.0.4-6.3E.i386.rpm
59d0ac4df0b0fdf77c1344c7c528ecf1 samba-swat-3.0.4-6.3E.i386.rpm

x86_64:
1397c3732a4a45940be9e61b42707f76 samba-3.0.4-6.3E.x86_64.rpm
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
55ac2fc0c18887a94e0fec184e06c25e samba-client-3.0.4-6.3E.x86_64.rpm
07939e1376609d71e6da03b28f568f3f samba-common-3.0.4-6.3E.x86_64.rpm
16538cc81a03dffc6b2bf595b77fdc02 samba-swat-3.0.4-6.3E.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.4-6.3E.src.rpm
44c2d603483eb9fcc8fa87bae65d6439 samba-3.0.4-6.3E.src.rpm

i386:
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
7567cae317313de3b0f8bfe3a6ce7f5b samba-client-3.0.4-6.3E.i386.rpm
368abe8b4c210cd35745bc753677f749 samba-common-3.0.4-6.3E.i386.rpm
59d0ac4df0b0fdf77c1344c7c528ecf1 samba-swat-3.0.4-6.3E.i386.rpm

ia64:
8821a2b70be8c4674ffc470a75b9c8da samba-3.0.4-6.3E.ia64.rpm
9b3fe88a1caa50667ac8f2786b36f158 samba-client-3.0.4-6.3E.ia64.rpm
f650cdcb87404cfc209ab0a34e68e767 samba-common-3.0.4-6.3E.ia64.rpm
a99a0d4dec075149d59da31b41014595 samba-swat-3.0.4-6.3E.ia64.rpm

x86_64:
1397c3732a4a45940be9e61b42707f76 samba-3.0.4-6.3E.x86_64.rpm
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
55ac2fc0c18887a94e0fec184e06c25e samba-client-3.0.4-6.3E.x86_64.rpm
07939e1376609d71e6da03b28f568f3f samba-common-3.0.4-6.3E.x86_64.rpm
16538cc81a03dffc6b2bf595b77fdc02 samba-swat-3.0.4-6.3E.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.4-6.3E.src.rpm
44c2d603483eb9fcc8fa87bae65d6439 samba-3.0.4-6.3E.src.rpm

i386:
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
7567cae317313de3b0f8bfe3a6ce7f5b samba-client-3.0.4-6.3E.i386.rpm
368abe8b4c210cd35745bc753677f749 samba-common-3.0.4-6.3E.i386.rpm
59d0ac4df0b0fdf77c1344c7c528ecf1 samba-swat-3.0.4-6.3E.i386.rpm

ia64:
8821a2b70be8c4674ffc470a75b9c8da samba-3.0.4-6.3E.ia64.rpm
9b3fe88a1caa50667ac8f2786b36f158 samba-client-3.0.4-6.3E.ia64.rpm
f650cdcb87404cfc209ab0a34e68e767 samba-common-3.0.4-6.3E.ia64.rpm
a99a0d4dec075149d59da31b41014595 samba-swat-3.0.4-6.3E.ia64.rpm

x86_64:
1397c3732a4a45940be9e61b42707f76 samba-3.0.4-6.3E.x86_64.rpm
0caefe0c45f4b00ffb4c3e5703e7d4f8 samba-3.0.4-6.3E.i386.rpm
55ac2fc0c18887a94e0fec184e06c25e samba-client-3.0.4-6.3E.x86_64.rpm
07939e1376609d71e6da03b28f568f3f samba-common-3.0.4-6.3E.x86_64.rpm
16538cc81a03dffc6b2bf595b77fdc02 samba-swat-3.0.4-6.3E.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686

8. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.