USN-29-1: samba vulnerability
Posted on: 11/18/2004 02:45 PM

A samba security update is available for Ubuntu Linux 4.10

Ubuntu Security Notice USN-29-1 November 18, 2004
samba vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to version 3.0.7-1ubuntu6.2. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2_QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names (files with very long names containing Unicode characters) that would overflow an internal buffer and could lead to remote execution of arbitrary code with the privileges of the samba server.

Since the samba server usually (by default) runs as root, this flaw can lead to privilege escalation and unbounded system compromise.

Source archives:
Size/MD5: 287793 5fe703b1046fd5243fa69b6fa6d07294
Size/MD5: 937 eab645e2ffeb3ffeda2938989f483c48
Size/MD5: 15012667 5906341429e64214909865a4be92e4ab

Architecture independent packages:
Size/MD5: 11604214 141fc27096df90fb5f26b7166a3c9d6c

amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 370230 99101e2e61e368dc01179cb7dc2c0133
Size/MD5: 761668 e741cc9ab62203deb7280c7433f69706
Size/MD5: 574786 89ae7e66ce905ace97188609e440bde5
Size/MD5: 5013524 52f73085749169d113930486f59cbfaf
Size/MD5: 2089114 f1e43445204746bf37edf2ec41e4295b
Size/MD5: 2664486 eb3e05dcc644fb38bc73b0b9d8e0881a
Size/MD5: 2708734 184bf98f0408a4697850aa6919ebe4ef
Size/MD5: 360962 7efd7e60f4932c7274a9dca4c6bfff7c
Size/MD5: 4026780 ddce360a66fd3e0caf65fccb007b0d18
Size/MD5: 1526042 f828ee46913e27507bab3886d82435c3

i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 326852 c9629245ccda89fb9b1dda883879d54b
Size/MD5: 686568 e42aa1a2af130297903b93f9e3e8ca2c
Size/MD5: 509556 7d8076adf8c3eaac60b09ff27bacd911
Size/MD5: 4414116 c04dabf99c10f32a3e9b799e52eda22b
Size/MD5: 1835048 ce3604ef73e2d5fb4e7914cdd9050d8f
Size/MD5: 2297606 b7e572d19fd4049bf320afdc77c3a6c9
Size/MD5: 2300214 5383d4fee5aa87876ac5051593955873
Size/MD5: 308746 1b624b3e4f6e19c3282bd5ac6696d646
Size/MD5: 3938366 46e2ae30a1e9dd7dbbdca463bcb9dd1f
Size/MD5: 1298980 bf1f086f3baacf18e1def88b2de59c37

powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 356040 4a139f0d03c2c58101009b020f5cd86f
Size/MD5: 705486 c79dca16882996739bc326c4e49eef0d
Size/MD5: 565886 021b551094f41419085bd536f3478719
Size/MD5: 4809436 df7c43f27708fd1f0b714a42e62d11c9
Size/MD5: 2044050 2fe8c9c72849c23f4352be940897bc92
Size/MD5: 2619354 74a5ae3af513b9ebd4b3fe99f7ac4271
Size/MD5: 2655304 9ac5438f2b4514df4c3e8adde4f6aec6
Size/MD5: 353196 16b68de329667642f9520e81fff7ecee
Size/MD5: 4015742 68b4ddb082fa1756c18d7b244e5a0a5f
Size/MD5: 1481436 53bd882613f2853683f39d48843cf4fc

Printed from Linux Compatible (