IMPORTANT: Security bugfix for Samba - all versions.

IMPORTANT: Security bugfix for Samba - all versions.

Post by Jeremy Allis » Sat, 27 Sep 1997 04:00:00



                IMPORTANT: Security bugfix for Samba
                ------------------------------------

A security hole in all versions of Samba has been recently
discovered. The security hole allows unauthorized remote users to
obtain root access on the Samba server.

An exploit for this security hole has been posted to the internet so
system administrators should assume that this hole is being actively
exploited.

The exploit for the security hole is very architecture specific and
has been only demonstrated to work for Samba servers running on Intel
based platforms. The exploit posted to the internet is specific to
Intel Linux servers. It would be very difficult to produce an exploit
for other architectures but it may be possible.

A new release of Samba has now been made that fixes the security
hole. The new release is version 1.9.17p2 and is available from
ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz

This release also adds a routine which logs a message if anyone
attempts to take advantage of the security hole. The message (in the
Samba log files) will look like this:

        ERROR: Invalid password length 999
        you're machine may be under attack by a user exploiting an old bug
        Attack was from IP=aaa.bbb.ccc.ddd

where aaa.bbb.ccc.ddd is the IP address of the machine performing the attack.

Please report any attacks to the appropriate authority.

        The Samba Team

 
 
 

1. IMPORTANT: Security bugfix for Samba - all versions.

                IMPORTANT: Security bugfix for Samba
                ------------------------------------

A security hole in all versions of Samba has been recently
discovered. The security hole allows unauthorized remote users to
obtain root access on the Samba server.

An exploit for this security hole has been posted to the internet so
system administrators should assume that this hole is being actively
exploited.

The exploit for the security hole is very architecture specific and
has been only demonstrated to work for Samba servers running on Intel
based platforms. The exploit posted to the internet is specific to
Intel Linux servers. It would be very difficult to produce an exploit
for other architectures but it may be possible.

A new release of Samba has now been made that fixes the security
hole. The new release is version 1.9.17p2 and is available from
ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz

This release also adds a routine which logs a message if anyone
attempts to take advantage of the security hole. The message (in the
Samba log files) will look like this:

        ERROR: Invalid password length 999
        your machine may be under attack by a user exploiting an old bug
        Attack was from IP=aaa.bbb.ccc.ddd

where aaa.bbb.ccc.ddd is the IP address of the machine performing the attack.

Please report any attacks to the appropriate authority.

        The Samba Team

2. ports problem for pine4

3. important sdbm (ndbm clone) bugfix

4. whatever happened to kickaha?

5. important PPC bugfix for 2.4.19-pre

6. Sed, Awk, or both?

7. tob 0.04 -- Tape oriented backup, with important bugfix

8. FIND command

9. krb_err.c bugfix and snake Makefile bugfix

10. Request for 2.4.20 to be a non-trivial-bugfixes-only version

11. : RAWDISK.SYS bugfixed version 1.1

12. test SYN cookies (was Re: SYN cookies security bugfix?)

13. computer-security/security-patches FAQ (HTML version)