• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Samba Multiple ASN.1 and MailSlot Parsing Remote Denial Of Service Vulnerabilities

Solution:
SuSE has released advisory SUSE-SA:2004:034 mainly to address the vulnerability described in BID 11196. However, in the addendum of this advisory, it is reported that fixes for the issues described in this BID are now available on the SuSE update FTP server for download. Customers are advised to see the referenced advisory for further information regarding obtaining and applying appropriate updates.

Gentoo Linux has released advisory GLSA 200409-16 dealing with these issues. They have advised that all Samba 3.x users should upgrade to the latest version:
emerge sync
emerge -pv ">=net-fs/samba-3.0.7"
emerge ">=net-fs/samba-3.0.7"
For more information, please see the referenced Gentoo advisory.

Mandrakelinux has released advisory MDKSA-2004:092 along with fixes to address these issues. Please see the referenced advisory for further information.

Trustix Linux has released advisory TSL-2004-0046 along with fixes dealing with this issue. Please see the referenced advisory for more information.

OpenPKG has released an advisory (OpenPKG-SA-2004.040) dealing with this issue. Please see the referenced advisory for more information.

The vendor has released a patch that resolves these issues.

RedHat has released an advisory (RHSA-2004:467-04) to address these issues in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.

Conectiva Linux has released advisory CLA-2004:873 along with fixes to address this issue. Please see the referenced advisory for further information.

SGI has released security advisory 20041201-01-P along with a patch dealing with this issue. It should be noted that the released patch only fixes samba_irix version 3.0.7. All users running the affected application, which is not installed by default, are advised to apply the patch.


Samba Samba 3.0.2 a

• Mandrake lib64smbclient0-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake lib64smbclient0-devel-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake lib64smbclient0-static-devel-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libsmbclient0-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libsmbclient0-devel-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libsmbclient0-static-devel-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nss_wins-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nss_wins-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-client-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-client-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-common-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-common-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-doc-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-doc-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-mysql-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-mysql-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-pgsql-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-pgsql-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-xml-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-passdb-xml-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-server-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-server-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-swat-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-swat-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-winbind-3.0.6-4.1.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake samba-winbind-3.0.6-4.1.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www.mandrakesecure.net/en/ftp.php

Samba Samba 3.0.4

• Conectiva libsmbclient-devel-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/libsmbclient-devel-3.0.7-6 2749U10_4cl.i386.rpm


• Conectiva libsmbclient-devel-static-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/libsmbclient-devel-static- 3.0.7-62749U10_4cl.i386.rpm


• Conectiva libsmbclient0-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/libsmbclient0-3.0.7-62749U 10_4cl.i386.rpm


• Conectiva samba-clients-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-clients-3.0.7-62749U 10_4cl.i386.rpm


• Conectiva samba-common-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-common-3.0.7-62749U1 0_4cl.i386.rpm


• Conectiva samba-doc-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-doc-3.0.7-62749U10_4 cl.i386.rpm


• Conectiva samba-server-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-server-3.0.7-62749U1 0_4cl.i386.rpm


• Conectiva samba-swat-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-swat-3.0.7-62749U10_ 4cl.i386.rpm


• Conectiva samba-testprogs-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-testprogs-3.0.7-6274 9U10_4cl.i386.rpm


• Conectiva samba-vfs-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vfs-3.0.7-62749U10_4 cl.i386.rpm


• Conectiva samba-vscan-clamav-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-clamav-3.0.7-6 2749U10_4cl.i386.rpm


• Conectiva samba-vscan-fprot-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-fprot-3.0.7-62 749U10_4cl.i386.rpm


• Conectiva samba-vscan-fsecure-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-fsecure-3.0.7- 62749U10_4cl.i386.rpm


• Conectiva samba-vscan-kaspersky-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-kaspersky-3.0. 7-62749U10_4cl.i386.rpm


• Conectiva samba-vscan-mks-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-mks-3.0.7-6274 9U10_4cl.i386.rpm


• Conectiva samba-vscan-oav-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-oav-3.0.7-6274 9U10_4cl.i386.rpm


• Conectiva samba-vscan-sophos-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-sophos-3.0.7-6 2749U10_4cl.i386.rpm


• Conectiva samba-vscan-trend-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-vscan-trend-3.0.7-62 749U10_4cl.i386.rpm


• Conectiva samba-winbind-3.0.7-62749U10_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/10/RPMS/samba-winbind-3.0.7-62749U 10_4cl.i386.rpm


• OpenPKG samba-3.0.4-2.1.2.src.rpm
  ftp://ftp.openpkg.org/release/2.1/UPD/samba-3.0.4-2.1.2.src.rpm


• Trustix samba-3.0.7-1tr.i586.rpm
  Trustix Enterprise Server 2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-3.0.7-1tr.i586.rpm
  Trustix Secure Linux 2.1
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-client-3.0.7-1tr.i586.rpm
  Trustix Enterprise Server 2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-client-3.0.7-1tr.i586.rpm
  Trustix Secure Linux 2.1
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-common-3.0.7-1tr.i586.rpm
  Trustix Enterprise Server 2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-common-3.0.7-1tr.i586.rpm
  Trustix Secure Linux 2.1
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-mysql-3.0.7-1tr.i586.rpm
  Trustix Enterprise Server 2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix samba-mysql-3.0.7-1tr.i586.rpm
  Trustix Secure Linux 2.1
  ftp://ftp.trustix.org/pub/trustix/updates/

Samba Samba 3.0.5

• Samba patch-3.0.5-3.0.6.diffs.gz
  http://us4.samba.org/samba/ftp/patches/security/patch-3.0.5-3.0.6.diff s.gz

Samba Samba 3.0.6

• Samba patch-3.0.5-3.0.6.diffs.gz
  http://us4.samba.org/samba/ftp/patches/security/patch-3.0.5-3.0.6.diff s.gz

SGI samba_irix 3.0.7

• SGI patch5798
  ftp://patches.sgi.com/support/free/security/patches/