Samba 2.0.8 release - SECURITY FIX

tridge at samba.org
Wed Apr 18 00:00:38 GMT 2001


I've just released Samba 2.0.8. This release fixes a significant
security vulnerability that allows local users to corrupt local
devices (such as raw disks).

For most users the Samba Team recommends Samba 2.2.0 which has just
been released. Version 2.2.0 has all the security fixes plus many new
features and other bug fixes. Version 2.0.8 is meant for very
conservative sites that want an absolutely minimal security fix rather
than a large update.

The security hole was found by Marcus Meissner
(Marcus.Meissner at caldera.de) during a routine security audit of the
Samba source code. Many thanks to Marcus and Caldera for taking the
time to audit the code. The hole involved an incorrect usage of
temporary files and can be exploited by a local user with a shell
account on the Samba server to destroy data on a local device, such as
/dev/hda. The exploit is relatively easy to perform so all sites with
untrusted local users should update immediately to either version
2.0.8 or version 2.2.0.

We do not plan on doing any more releases of Samba 2.0.x.

Cheers, Tridge
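The announcement above does not say which temporary-file mistake was involved, only that incorrect temporary-file handling let a local shell user redirect a write onto a device such as /dev/hda. The block below is an added illustration, not Samba's code or its 2.0.8 fix, of the general defensive pattern for this class of bug: create the temporary file with an unpredictable name and O_EXCL semantics (via mkstemp()), then verify, before writing, that the descriptor refers to a freshly created regular file and not to something that already sat at that path. All function names (`create_private_tmpfile`, `tmpfile_is_sane`, `write_to_private_tmpfile`) and the `/tmp` directory used in `main` are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not Samba code): create a temporary file in `dir`
 * with an unpredictable name. mkstemp() replaces XXXXXX with random
 * characters and opens the file O_RDWR|O_CREAT|O_EXCL (mode 0600 on glibc
 * and macOS), so a file or symlink that someone pre-placed at that name
 * makes the call fail instead of being silently followed.
 * Returns the fd, or -1 on error. On success *path_out receives the path;
 * the caller must unlink() and free() it. */
int create_private_tmpfile(const char *dir, char **path_out)
{
    const char suffix[] = "/example.XXXXXX";
    size_t len = strlen(dir) + sizeof(suffix);
    char *tmpl = malloc(len);
    int fd;

    if (tmpl == NULL)
        return -1;
    snprintf(tmpl, len, "%s%s", dir, suffix);

    fd = mkstemp(tmpl);
    if (fd < 0) {
        free(tmpl);
        return -1;
    }
    *path_out = tmpl;
    return fd;
}

/* Defensive check before writing: the open descriptor must be a regular
 * file with exactly one link, the directory entry at `path` must not be a
 * symlink, both must name the same inode, and the mode must grant nothing
 * to group/other. Returns 1 if everything checks out, 0 otherwise. */
int tmpfile_is_sane(int fd, const char *path)
{
    struct stat fs, ls;

    if (fstat(fd, &fs) != 0 || lstat(path, &ls) != 0)
        return 0;
    if (!S_ISREG(fs.st_mode) || S_ISLNK(ls.st_mode))
        return 0;
    if (fs.st_ino != ls.st_ino || fs.st_dev != ls.st_dev)
        return 0;
    if (fs.st_nlink != 1)
        return 0;
    if (fs.st_mode & (S_IRWXG | S_IRWXO))
        return 0;
    return 1;
}

/* Write `n` bytes to a fresh private temp file in `dir`, refusing to write
 * unless the sanity check passes. Returns bytes written, or -1 on error.
 * The file is removed afterwards since this is only a demonstration. */
long write_to_private_tmpfile(const char *dir, const char *data, size_t n)
{
    char *path = NULL;
    int fd = create_private_tmpfile(dir, &path);
    ssize_t w;

    if (fd < 0)
        return -1;
    if (!tmpfile_is_sane(fd, path)) {
        close(fd);
        unlink(path);
        free(path);
        return -1;
    }
    w = write(fd, data, n);
    close(fd);
    unlink(path);
    free(path);
    return (long)w;
}

int main(void)
{
    long n = write_to_private_tmpfile("/tmp", "hello", 5);
    printf("wrote %ld bytes\n", n);
    return n == 5 ? 0 : 1;
}
```

The contrast with the risky pattern is the combination of a fixed, guessable path and an open() that lacks O_EXCL: under those conditions whatever already exists at the path, including a symlink to a device node, receives the write. Using mkstemp() removes both preconditions, and the fstat()/lstat() comparison catches the case where a caller later reopens the file by name instead of keeping the descriptor.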