Linux Kernel Samba Share Local Privilege Elevation Vulnerability

Solution:
Gentoo have released an advisory (GLSA 200404-21) and have made an updated eBuild available to address this issue. Gentoo have recommended that users run the following commands to merge the fixed eBuild:
# emerge sync
# emerge -pv ">=net-fs/samba-3.0.2a-r2"
# emerge ">=net-fs/samba-3.0.2a-r2"

Those using Samba's password database also need to run the following command:
# pdbedit --force-initialized-passwords

Debian has released an advisory (DSA 463-1) and fixes to address this issue. See the referenced advisory for links to fixed packages.

Mandrake has released an advisory MDKSA-2004:035 and fixes to address this issue. See the referenced advisory for links to fixed packages.

TurboLinux has released advisory TLSA-2004-25 to address this issue. Please see the attached advisory for details on obtaining and applying fixes.


Samba Samba 2.2.3 a

Samba Samba 2.2.3 a

Samba Samba 2.2.7 a

Samba Samba 2.2.8 a


 

Privacy Statement
Copyright 2010, SecurityFocus