NT Authentication PAM Modules Buffer Overflow Vulnerability
BID:1666
Info
NT Authentication PAM Modules Buffer Overflow Vulnerability
| Bugtraq ID: | 1666 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-0843 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Sep 11 2000 12:00AM |
| Updated: | Jul 11 2009 02:56AM |
| Credit: | This vulnerability was first reported in an advisory posted to Bugtraq on September 11, 2000 by Secure Reality Pty Ltd. |
| Vulnerable: |
Samba pam_smb 1.1.5 Samba pam_ntdom 0.23 |
| Not Vulnerable: |
Samba pam_smb 1.1.6 Samba pam_ntdom 0.24 |
Solution / Fix
NT Authentication PAM Modules Buffer Overflow Vulnerability
Solution:
This vulnerability has been fixed in the latest releases of both pam_smb and pam_ntdom.
Conectiva has released updated RPMs.
SuSE has released updated RPMs:
i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/pam_smb-1.1.6-0.i386.rpm
b5f7c7d92f9f023446a6ca3e73689aee
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
f56fa744add8ccdc9777f28475106148
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/pam_smb-1.1.6-0.i386.rpm
736c2fe5460724461b96d60b057bd4ab
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
fcfa4609d7d62c6fb0e1f03652dcaf56
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/pam_smb-1.1.6-0.i386.rpm
d5559e6f3474adcc041f7f8156cde15d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
4fecea0bdf9db5c97d20e0c1e6153663
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/pam_smb-1.1.6-0.i386.rpm
73258171e7837d2995b39ebeeb3a87ff
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/pam_smb-1.1.6-0.src.rpm
f8f6f03f3c15f2f3c38f30bd97164919
Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/pam_smb-1.1.6-0.sparc.rpm
9514dd4d6b54208468f0b5aca6ac51e4
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
22e8dc3e1b51a0f73e7451edd32dc824
AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/pam_smb-1.1.6-0.alpha.rpm
58547d46f0d19a73f6df6dd60693379f
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
5a14499e61e22607efd6f5a6700bf9f8
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/pam_smb-1.1.6-0.alpha.rpm
b507bcffe74723c5e950af141e17dce5
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
f9e692675604c2e1fad3567b394e12d6
PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/pam_smb-1.1.6-0.ppc.rpm
4a098a9308e93f207fa908f6febd7800
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
7e13f60d71ecbda1fc4e3b3765a5ec35
Debian packages (from the Debian advisory):
Debian GNU/Linux 2.2 alias potato
- ------------------------------------
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures. At this moment packages for m68k are not yet
available. As soon as they are ready we will put them online and
list them on the security pages at http://security.debian.org/.
Source archives:
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6-1.diff.gz
MD5 checksum: 6105db037fe3503c04cba3e08150c448
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6-1.dsc
MD5 checksum: c83845843024a062c692c2c0d5887485
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6.orig.tar.gz
MD5 checksum: 7d18363b7ab932f852f670b4aeed1283
Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/libpam-smb_1.1.6-1_alpha.deb
MD5 checksum: bc93244ff451f7c14e194d538eacef04
ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/libpam-smb_1.1.6-1_arm.deb
MD5 checksum: f2ae975ab2916376466d7a23bbc4dc66
Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/libpam-smb_1.1.6-1_i386.deb
MD5 checksum: c4e884fd29c7e726b85d636a8f22688c
PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libpam-smb_1.1.6-1_powerpc.deb
MD5 checksum: cd4731e20045da27eac56a64b5feab63
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/libpam-smb_1.1.6-1_sparc.deb
MD5 checksum: 71759e4ae9bfd4d1cc3788869084f10f
Samba pam_ntdom 0.23
Samba pam_smb 1.1.5
Solution:
This vulnerability has been fixed in the latest releases of both pam_smb and pam_ntdom.
Conectiva has released updated RPMs.
SuSE has released updated RPMs:
i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/pam_smb-1.1.6-0.i386.rpm
b5f7c7d92f9f023446a6ca3e73689aee
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
f56fa744add8ccdc9777f28475106148
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/pam_smb-1.1.6-0.i386.rpm
736c2fe5460724461b96d60b057bd4ab
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
fcfa4609d7d62c6fb0e1f03652dcaf56
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/pam_smb-1.1.6-0.i386.rpm
d5559e6f3474adcc041f7f8156cde15d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
4fecea0bdf9db5c97d20e0c1e6153663
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/pam_smb-1.1.6-0.i386.rpm
73258171e7837d2995b39ebeeb3a87ff
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/pam_smb-1.1.6-0.src.rpm
f8f6f03f3c15f2f3c38f30bd97164919
Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/pam_smb-1.1.6-0.sparc.rpm
9514dd4d6b54208468f0b5aca6ac51e4
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
22e8dc3e1b51a0f73e7451edd32dc824
AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/pam_smb-1.1.6-0.alpha.rpm
58547d46f0d19a73f6df6dd60693379f
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
5a14499e61e22607efd6f5a6700bf9f8
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/pam_smb-1.1.6-0.alpha.rpm
b507bcffe74723c5e950af141e17dce5
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
f9e692675604c2e1fad3567b394e12d6
PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/pam_smb-1.1.6-0.ppc.rpm
4a098a9308e93f207fa908f6febd7800
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
7e13f60d71ecbda1fc4e3b3765a5ec35
Debian packages (from the Debian advisory):
Debian GNU/Linux 2.2 alias potato
- ------------------------------------
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures. At this moment packages for m68k are not yet
available. As soon as they are ready we will put them online and
list them on the security pages at http://security.debian.org/.
Source archives:
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6-1.diff.gz
MD5 checksum: 6105db037fe3503c04cba3e08150c448
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6-1.dsc
MD5 checksum: c83845843024a062c692c2c0d5887485
http://security.debian.org/dists/stable/updates/main/source/libpam-smb_1.1.6.orig.tar.gz
MD5 checksum: 7d18363b7ab932f852f670b4aeed1283
Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/libpam-smb_1.1.6-1_alpha.deb
MD5 checksum: bc93244ff451f7c14e194d538eacef04
ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/libpam-smb_1.1.6-1_arm.deb
MD5 checksum: f2ae975ab2916376466d7a23bbc4dc66
Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/libpam-smb_1.1.6-1_i386.deb
MD5 checksum: c4e884fd29c7e726b85d636a8f22688c
PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libpam-smb_1.1.6-1_powerpc.deb
MD5 checksum: cd4731e20045da27eac56a64b5feab63
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/libpam-smb_1.1.6-1_sparc.deb
MD5 checksum: 71759e4ae9bfd4d1cc3788869084f10f
Samba pam_ntdom 0.23
-
Luke Kenneth Casson Leighton pam_ntdom.tar.gz
http://cb1.com/~lkcl/pam-ntdom/pam_ntdom.tar.gz
Samba pam_smb 1.1.5
-
Conectiva pam_smb-1.1.6-1cl (i386)
ftp://atualizacoes.conectiva.com.br/5.1/i386/pam_smb-1.1.6-1cl.i386.rp m -
Conectiva pam_smb-1.1.6-1cl (source)
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/pam_smb-1.1.6-1cl.src.rp m -
Samba pam_smb-1.1.6.tar.gz
ftp://ftp.samba.org/pub/samba/pam_smb/pam_smb-1.1.6.tar.gz