svn commit: samba-web r402 - in trunk/security: .
jerry at samba.org
jerry at samba.org
Mon Nov 8 20:55:55 GMT 2004
Author: jerry
Date: 2004-11-08 20:55:55 +0000 (Mon, 08 Nov 2004)
New Revision: 402
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-web&rev=402
Log:
adding more old security announcements
Added:
trunk/security/CAN-2004-0082.html
trunk/security/CAN-2004-0600.html
trunk/security/CAN-2004-0686.html
Changeset:
Added: trunk/security/CAN-2004-0082.html
===================================================================
--- trunk/security/CAN-2004-0082.html 2004-11-08 19:24:12 UTC (rev 401)
+++ trunk/security/CAN-2004-0082.html 2004-11-08 20:55:55 UTC (rev 402)
@@ -0,0 +1,58 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+ <H2>CAN-2004-0082: mksmbpasswd shell script may create accounts with easily guessable passwords, Samba 3.0.0 - 3.0.1</H2>
+
+<p>
+<pre>
+Subject: mksmbpasswd shell script may create accounts
+ with easily guessable passwords
+CVE #: CAN-2004-0082
+Affected
+Versions: Samba 3.0.0 - 3.0.1
+
+
+Description
+-----------
+
+It has been confirmed that previous versions of Samba 3.0 are
+susceptible to a password initialization bug that could grant an
+attacker unauthorized access to a user account created by the
+mksmbpasswd.sh shell script.
+
+Samba administrators not wishing to upgrade to the current
+version should download the 3.0.2 release, build the pdbedit
+tool, and run
+
+ root# pdbedit-3.0.2 --force-initialized-passwords
+
+This will disable all accounts not possessing a valid password
+(e.g. the password field has been set a string of X's).
+
+Samba servers running 3.0.2 are not vulnerable to this bug
+regardless of whether or not pdbedit has been used to sanitize
+the passdb backend.
+
+
+Credits
+--------
+
+This defect was located by Samba developers during a routine
+code audit.
+
+
+--
+Our Code, Our Bugs, Our Responsibility.
+
+ -- The Samba Team
+</pre>
+
+</body>
+</html>
Added: trunk/security/CAN-2004-0600.html
===================================================================
--- trunk/security/CAN-2004-0600.html 2004-11-08 19:24:12 UTC (rev 401)
+++ trunk/security/CAN-2004-0600.html 2004-11-08 20:55:55 UTC (rev 402)
@@ -0,0 +1,56 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+ <H2>CAN-2004-0600: Potential Buffer Overrun in SWAT, Samba 3.0.2 - 3.0.4</H2>
+
+<p>
+<pre>
+Subject: Potential Buffer Overrun in SWAT
+CVE #: CAN-2004-0600
+Affected
+Versions: Samba 3.0.2 - 3.0.4
+
+
+Description
+-----------
+
+The internal routine used by the Samba Web Administration
+Tool (SWAT v3.0.2 and later) to decode the base64 data
+during HTTP basic authentication is subject to a buffer
+overrun caused by an invalid base64 character. It is
+recommended that all Samba v3.0.2 or later installations
+running SWAT either (a) upgrade to v3.0.5, or (b) disable
+the swat administration service as a temporary workaround.
+
+This same code is used internally to decode the
+sambaMungedDial attribute value when using the ldapsam
+passdb backend. While we do not believe that the base64
+decoding routines used by the ldapsam passdb backend can
+be exploited, sites using an LDAP directory service with
+Samba are strongly encouraged to verify that the DIT only
+allows write access to sambaSamAccount attributes by a
+sufficiently authorized user.
+
+
+Credits
+--------
+
+The Samba Team would like to heartily thank Evgeny Demidov
+for analyzing and reporting this bug.
+
+
+--
+Our Code, Our Bugs, Our Responsibility.
+
+ -- The Samba Team
+</pre>
+
+</body>
+</html>
Added: trunk/security/CAN-2004-0686.html
===================================================================
--- trunk/security/CAN-2004-0686.html 2004-11-08 19:24:12 UTC (rev 401)
+++ trunk/security/CAN-2004-0686.html 2004-11-08 20:55:55 UTC (rev 402)
@@ -0,0 +1,60 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+ <H2>CAN-2004-0686: Potential Buffer Overrun in Samba 3.0.x <= 3.0.4</H2>
+
+<p>
+<pre>
+Subject: Potential Buffer Overrun in smbd
+CVE #: CAN-2004-0686
+Affected
+Versions: Samba 3.0.x <= 3.0.4
+
+
+Description
+-----------
+
+A buffer overrun has been located in the code used to support
+the 'mangling method = hash' smb.conf option. Please be aware
+that the default setting for this parameter is 'mangling method
+= hash2' and therefore not vulnerable.
+
+Affected Samba 3 installations can avoid this possible security
+bug by using the default hash2 mangling method. Server
+installations requiring the hash mangling method are encouraged
+to upgrade to Samba 3.0.5.
+
+
+Protecting Unpatched Servers
+----------------------------
+
+The Samba Team always encourages users to run the latest stable
+release as a defense of against attacks. However, under certain
+circumstances it may not be possible to immediately upgrade
+important installations. In such cases, administrators should
+read the "Server Security" documentation found at
+http://www.samba.org/samba/docs/server_security.html.
+
+
+Credits
+--------
+
+This defect was located by Samba developers during a routine
+code audit.
+
+
+--
+Our Code, Our Bugs, Our Responsibility.
+
+ -- The Samba Team
+</pre>
+
+</body>
+</html>
More information about the samba-cvs
mailing list