• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Pam_SMB Remote Buffer Overflow Vulnerability

Solution:
Sun have released fixes to address this vulnerability in Sun Linux 5.0.7. Users who are affected by this issue are advised to apply relevant fixes as soon as possible. Please see Sun reference (Sun Linux Support - Sun Linux Patches (Sun)) for further details regarding obtaining and applying appropriate fixes.

Red Hat has released a security advisory (RHSA-2003-262) to address this issue for enterprise customers. Further information regarding obtaining and applying fixes can be found in the referenced advisory.

Red Hat has released a security advisory (RHSA-2003:261-01) to address this issue. Customers who are affected by this issue are advised to apply the relevant fixes as soon as possible. Fixes are linked below. Further information regarding applying fixes can be found in the referenced advisory.

Debian has released an advisory (DSA 374-1) that addresses this issue. Please see the attached advisory for details on obtaining and applying fixes.

Turbolinux has released an advisory (TLSA-2003-50) that addresses this issue. Please see the attached advisory for details on obtaining and applying fixes.

Gentoo Linux has released a security advisory (200309-01) to address this issue. Users who are affected by this issue are advised to do the following:

emerge sync
emerge pam_smb
emerge clean

SuSE has released an advisory (SuSE-SA:2003:036) that addresses this issue. Please see the attached advisory for details on obtaining and applying fixes.

Conectiva has released an advisory (CLSA-2003:733) that addresses this issue. Please see references for details on obtaining and applying fixes.

Conectiva has released an advisory (CLSA-2003:734) containing updated packages that addresses this issue. Please see references for details on obtaining and applying fixes.

SGI has released an advisory (20031002-01-U) pertaining to their ProPack Linux distribution. The advisory has been released in response to a number of RHSA advisories, and includes a patch (Patch 10027) containing updated RPM packages relating to 22 different BIDS.

Patch 10027 can be obtained via the following link:
http://support.sgi.com/

For information regarding how to obtain individual RPM packages included in Patch 10027, please see the attached advisory.

pam_smb have released a stable upgrade to address this issue:


RedHat pam_smb-1.1.6-2.ia64.rpm

• Red Hat pam_smb-1.1.6-9.7.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/pam_smb-1.1.6-9.7.ia64.rpm

RedHat pam_smb-1.1.6-5.i386.rpm

• Red Hat pam_smb-1.1.6-9.8.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/pam_smb-1.1.6-9.8.i386.rpm

RedHat pam_smb-1.1.6-2.i386.rpm

• Red Hat pam_smb-1.1.6-9.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm

RedHat pam_smb-1.1.6-2.i386.rpm

• Red Hat pam_smb-1.1.6-9.7.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm

RedHat pam_smb-1.1.6-7.i386.rpm

• Red Hat pam_smb-1.1.6-9.9.i386.rpm
  ftp://updates.redhat.com/9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm

pam_smb pam_smb 1.1

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz

pam_smb pam_smb 1.1.1

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz

pam_smb pam_smb 1.1.2

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz

pam_smb pam_smb 1.1.3

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz

pam_smb pam_smb 1.1.4

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz

pam_smb pam_smb 1.1.5

• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz


• TurboLinux pam_smb-1.1.7-1.i386.rpm
  Upgrade for Turbolinux 6 Workstation.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6. 0/ja/updates/RPMS/pam_smb-1.1.7-1.i386.rpm


• TurboLinux pam_smb-1.1.7-1.i386.rpm
  Upgrade for Turbolinux 6.1 Server.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/ updates/RPMS/pam_smb-1.1.7-1.i386.rpm

pam_smb pam_smb 1.1.6

• Conectiva pam_smb-1.1.6-500.i586.rpm
  Upgrade for Conectiva Linux version CLEE 1.0.
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/pam_smb-1.1.6-500.i586 .rpm


• Conectiva pam_smb-1.1.6-5728U90_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/9/RPMS/pam_smb-1.1.6-5728U90_1cl.i 386.rpm


• Conectiva pam_smb-1.1.6-5U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/pam_smb-1.1.6-5U70_1cl.i3 86.rpm


• Conectiva pam_smb-1.1.6-5U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/pam_smb-1.1.6-5U80_1cl.i386 .rpm


• Debian libpam-smb_1.1.6-1.1woody1_alpha.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_alpha.deb


• Debian libpam-smb_1.1.6-1.1woody1_arm.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_arm.deb


• Debian libpam-smb_1.1.6-1.1woody1_hppa.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_hppa.deb


• Debian libpam-smb_1.1.6-1.1woody1_i386.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_i386.deb


• Debian libpam-smb_1.1.6-1.1woody1_ia64.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_ia64.deb


• Debian libpam-smb_1.1.6-1.1woody1_m68k.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_m68k.deb


• Debian libpam-smb_1.1.6-1.1woody1_mips.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_mips.deb


• Debian libpam-smb_1.1.6-1.1woody1_mipsel.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_mipsel.deb


• Debian libpam-smb_1.1.6-1.1woody1_powerpc.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_powerpc.deb


• Debian libpam-smb_1.1.6-1.1woody1_s390.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_s390.deb


• Debian libpam-smb_1.1.6-1.1woody1_sparc.deb
  Debian GNU/Linux 3.0 alias woody.
  http://security.debian.org/pool/updates/main/libp/libpam-smb/libpam-sm b_1.1.6-1.1woody1_sparc.deb


• pam_smb pam_smb-1.1.7.tar.gz
  http://pamsmb.sourceforge.net/v1/pam_smb-1.1.7.tar.gz


• SuSE pam_smb-1.1.6-500.i386.patch.rpm
  Patch for SuSE-8.0.
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/pam_smb-1.1.6-500.i386. patch.rpm


• SuSE pam_smb-1.1.6-500.i586.patch.rpm
  Patch for SuSE-8.1.
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/pam_smb-1.1.6-500 .i586.patch.rpm


• SuSE pam_smb-1.1.6-501.i586.patch.rpm
  Patch for SuSE-8.2.
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/pam_smb-1.1.6-501 .i586.patch.rpm


• SuSE pam_smb-1.1.6-147.sparc.rpm
  Upgrade for SuSE-7.3 Sparc.
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/pam_smb-1.1.6-147.spar c.rpm


• SuSE pam_smb-1.1.6-328.ppc.rpm
  Upgrade for SuSE-7.3 Power PC.
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/pam_smb-1.1.6-328.ppc.rp m


• SuSE pam_smb-1.1.6-500.i386.rpm
  Upgrade for SuSE-7.2.
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/pam_smb-1.1.6-500.i386. rpm


• SuSE pam_smb-1.1.6-500.i386.rpm
  Upgrade for SuSE-8.0.
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/pam_smb-1.1.6-500.i386. rpm


• SuSE pam_smb-1.1.6-500.i586.rpm
  Upgrade for SuSE-8.1.
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/pam_smb-1.1.6-500 .i586.rpm


• SuSE pam_smb-1.1.6-501.i386.rpm
  Upgrade for SuSE-7.3.
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/pam_smb-1.1.6-501.i386. rpm


• SuSE pam_smb-1.1.6-501.i586.rpm
  Upgrade for SuSE-8.2.
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/pam_smb-1.1.6-501 .i586.rpm


• TurboLinux pam_smb-1.1.7-1.i386.rpm
  Upgrade for Turbolinux 6 Server.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer /6/ja/updates/RPMS/pam_smb-1.1.7-1.i386.rpm


• TurboLinux pam_smb-1.1.7-1.i386.rpm
  Upgrade for Turbolinux 6.5 Server.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/upd ates/RPMS/pam_smb-1.1.7-1.i386.rpm


• TurboLinux pam_smb-1.1.7-1.i586.rpm
  Upgrade for Turbolinux 7 Server.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updat es/RPMS/pam_smb-1.1.7-1.i586.rpm


• TurboLinux pam_smb-1.1.7-1.i586.rpm
  Upgrade for Turbolinux 8 Server.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updat es/RPMS/pam_smb-1.1.7-1.i586.rpm


• TurboLinux pam_smb-1.1.7-1.i586.rpm
  Upgrade for Turbolinux 7 Workstation.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/ updates/RPMS/pam_smb-1.1.7-1.i586.rpm


• TurboLinux pam_smb-1.1.7-1.i586.rpm
  Upgrade for Turbolinux 8 Workstation.
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/ updates/RPMS/pam_smb-1.1.7-1.i586.rpm

Sun Linux 5.0.7

• Sun pam_smb-1.1.6-9.7.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/pam_smb-1.1.6-9.7.i386.rpm