[Full-Disclosure] Re: [RHSA-2003:261-01] Updated pam_smb packages fix remote buffer overflow.
From: Michael Berganski (bergansk_at_eosdata.gsfc.nasa.gov)
Date: 08/26/03
- Previous message: Abe Usher: "[Full-Disclosure] towards a taxonomy of Information Assurance (IA)"
- In reply to: bugzilla_at_redhat.com: "[Full-Disclosure] [RHSA-2003:261-01] Updated pam_smb packages fix remote buffer overflow."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: bugzilla@redhat.com Date: Tue, 26 Aug 2003 08:39:13 -0400
The pam_smb packages is not in the upgarde directory
ftp://updates.redhat.com/9/en/os/i386/
bugzilla@redhat.com wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ---------------------------------------------------------------------
> Red Hat Security Advisory
>
> Synopsis: Updated pam_smb packages fix remote buffer overflow.
> Advisory ID: RHSA-2003:261-01
> Issue date: 2003-08-26
> Updated on: 2003-08-26
> Product: Red Hat Linux
> Keywords:
> Cross references:
> Obsoletes:
> CVE Names: CAN-2003-0686
> - ---------------------------------------------------------------------
>
> 1. Topic:
>
> Updated pam_smb packages are now available which fix a security
> vulnerability (buffer overflow).
>
> 2. Relevant releases/architectures:
>
> Red Hat Linux 7.2 - i386, ia64
> Red Hat Linux 7.3 - i386
> Red Hat Linux 8.0 - i386
> Red Hat Linux 9 - i386
>
> 3. Problem description:
>
> The pam_smb module is a pluggable authentication module (PAM) used to
> authenticate users using an external Server Message Block (SMB) server.
>
> A buffer overflow vulnerability has been found that affects unpatched
> versions of pam_smb up to and including 1.1.6.
>
> On systems that use pam_smb and are configured to authenticate a
> remotely accessible service, an attacker can exploit this bug and
> remotely execute arbitrary code. The Common Vulnerabilities and Exposures
> project (cve.mitre.org) has assigned the name CAN-2003-0686 to this issue.
>
> Red Hat Linux versions 7.2, 7.3, 8.0, and 9 ship with versions of pam_smb
> that are vulnerable to this issue, however pam_smb is not enabled by default.
>
> Users of pam_smb are advised to upgrade to these erratum packages, which
> contain a patch to version 1.1.6 to correct this issue.
>
> Red Hat would like to thank Dave Airlie of the Samba team for notifying us
> of this issue.
>
> 4. Solution:
>
> Before applying this update, make sure all previously released errata
> relevant to your system have been applied.
>
> To update all RPMs for your particular architecture, run:
>
> rpm -Fvh [filenames]
>
> where [filenames] is a list of the RPMs you wish to upgrade. Only those
> RPMs which are currently installed will be updated. Those RPMs which are
> not installed but included in the list will not be updated. Note that you
> can also use wildcards (*.rpm) if your current directory *only* contains the
> desired RPMs.
>
> Please note that this update is also available via Red Hat Network. Many
> people find this an easier way to apply updates. To use Red Hat Network,
> launch the Red Hat Update Agent with the following command:
>
> up2date
>
> This will start an interactive process that will result in the appropriate
> RPMs being upgraded on your system.
>
> 5. RPMs required:
>
> Red Hat Linux 7.2:
>
> SRPMS:
> ftp://updates.redhat.com/7.2/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
>
> ia64:
> ftp://updates.redhat.com/7.2/en/os/ia64/pam_smb-1.1.6-9.7.ia64.rpm
>
> Red Hat Linux 7.3:
>
> SRPMS:
> ftp://updates.redhat.com/7.3/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.3/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
>
> Red Hat Linux 8.0:
>
> SRPMS:
> ftp://updates.redhat.com/8.0/en/os/SRPMS/pam_smb-1.1.6-9.8.src.rpm
>
> i386:
> ftp://updates.redhat.com/8.0/en/os/i386/pam_smb-1.1.6-9.8.i386.rpm
>
> Red Hat Linux 9:
>
> SRPMS:
> ftp://updates.redhat.com/9/en/os/SRPMS/pam_smb-1.1.6-9.9.src.rpm
>
> i386:
> ftp://updates.redhat.com/9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm
>
> 6. Verification:
>
> MD5 sum Package Name
> - --------------------------------------------------------------------------
> fd60d4b954d24b50901f5d8034246619 7.2/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
> 98f57da32415dec75f43bbe57165cc62 7.2/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
> 5e0ecb7ec7e24de6efc32ad8f439d0ff 7.2/en/os/ia64/pam_smb-1.1.6-9.7.ia64.rpm
> fd60d4b954d24b50901f5d8034246619 7.3/en/os/SRPMS/pam_smb-1.1.6-9.7.src.rpm
> 98f57da32415dec75f43bbe57165cc62 7.3/en/os/i386/pam_smb-1.1.6-9.7.i386.rpm
> 2e399b4016dac855bc3e01056c23a244 8.0/en/os/SRPMS/pam_smb-1.1.6-9.8.src.rpm
> 8cb3feb19dd74abfb582546235ee9718 8.0/en/os/i386/pam_smb-1.1.6-9.8.i386.rpm
> 5e31c7774d44716e4bc14f5d11eb54db 9/en/os/SRPMS/pam_smb-1.1.6-9.9.src.rpm
> 11b99a275c316e57a3fdb68ab63c90f4 9/en/os/i386/pam_smb-1.1.6-9.9.i386.rpm
>
> These packages are GPG signed by Red Hat for security. Our key is
> available from https://www.redhat.com/security/keys.html
>
> You can verify each package with the following command:
>
> rpm --checksig -v <filename>
>
> If you only wish to verify that each package has not been corrupted or
> tampered with, examine only the md5sum with the following command:
>
> md5sum <filename>
>
> 7. References:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0686
>
> 8. Contact:
>
> The Red Hat security contact is <secalert@redhat.com>. More contact
> details at https://www.redhat.com/solutions/security/news/contact.html
>
> Copyright 2003 Red Hat, Inc.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE/S1GlXlSAg2UNWIIRAhA1AKCwFpItixgKVX6IaAcv0lf1d7HOrwCfUfX6
> +jzALWi6v6ykRHXavDVx4JI=
> =VaAR
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Redhat-watch-list mailing list
> To unsubscribe, visit: https://www.redhat.com/mailman/listinfo/redhat-watch-list
-- -----------------------------------------------------------------+ Michael R. Berganski Science Systems Applications, Inc (SSAI) NASA's Goddard Space Flight Center Code 902/Distributed Active Archive Center PHONE: (301) 614-5281 Bldg32, Rm.N126-A FAX: (301) 614-5304 Greenbelt, MD 20771-0001 Email: bergansk@daac.gsfc.nasa.gov -----------------------------------------------------------------+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Abe Usher: "[Full-Disclosure] towards a taxonomy of Information Assurance (IA)"
- In reply to: bugzilla_at_redhat.com: "[Full-Disclosure] [RHSA-2003:261-01] Updated pam_smb packages fix remote buffer overflow."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
