[ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:120
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : July 10, 2006
Affected: 10.2, 2006.0, Corporate 3.0
_______________________________________________________________________
Problem Description:
A vulnerability in samba 3.0.x was discovered where an attacker could
cause a single smbd process to bloat, exhausting memory on the system.
This bug is caused by continually increasing the size of an array which
maintains state information about the number of active share
connections.
Updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://www.samba.org/samba/security/CAN-2006-3403.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 10.2:
3eb4f4fe83862cc464bec94f345b1205
10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
20257c42dc31bfa2c7528e7033485aeb
10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
4abbb93b864aec424b863085e4cd17fe
10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
54c14b19aeda54fb096766938dcd7ba0
10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.i586.rpm
6a718136f97f343c1673e9e82aa6685c 10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.i586.rpm
e0f0ca5db168dbec2ee78c47b04d4dfe
10.2/RPMS/samba-client-3.0.13-2.1.102mdk.i586.rpm
aca4da8c53f090b9e41bd95690d95a27
10.2/RPMS/samba-common-3.0.13-2.1.102mdk.i586.rpm
80c6725741baa3386e8d15a552a2e5aa
10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.i586.rpm
ef137687ddad3bee055d6d3870e74db8
10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.i586.rpm
226357f0e98fa1c3b8abe17a23d1f715
10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.i586.rpm
80a8107ea3f020bc930ecde070aefb61
10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.i586.rpm
e2d6e9fa08e770f08171d75dd1079d5a
10.2/RPMS/samba-server-3.0.13-2.1.102mdk.i586.rpm
62043615a61aa9424cee64634f6f8d95
10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.i586.rpm
b76512984b8268a6c1d6474dd623c405
10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.i586.rpm
21f24f6b6d4ba6ebdaf259c9ad2ff894
10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.i586.rpm
268ecfc08e5cd02ec69b2c3df9a79e3c
10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.i586.rpm
469c6f7ac18bb3f3e963b15d6ddb218b
10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.i586.rpm
3cfae3f4e389c05b161fc03447fe8ea1 10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm
Mandriva Linux 10.2/X86_64:
1cabdda84ee642347b89b39f9b20647f
x86_64/10.2/RPMS/lib64smbclient0-3.0.13-2.1.102mdk.x86_64.rpm
ac3ed439d87acb15e3c2e29c43a6c15c
x86_64/10.2/RPMS/lib64smbclient0-devel-3.0.13-2.1.102mdk.x86_64.rpm
62220c9ea9b521ae9255351f9d2e9a72
x86_64/10.2/RPMS/lib64smbclient0-static-devel-3.0.13-2.1.102mdk.x86_64.rpm
3eb4f4fe83862cc464bec94f345b1205
x86_64/10.2/RPMS/libsmbclient0-3.0.13-2.1.102mdk.i586.rpm
20257c42dc31bfa2c7528e7033485aeb
x86_64/10.2/RPMS/libsmbclient0-devel-3.0.13-2.1.102mdk.i586.rpm
4abbb93b864aec424b863085e4cd17fe
x86_64/10.2/RPMS/libsmbclient0-static-devel-3.0.13-2.1.102mdk.i586.rpm
e3ee798596a4c1a3986046100967082d
x86_64/10.2/RPMS/mount-cifs-3.0.13-2.1.102mdk.x86_64.rpm
f7cc4e909f28d48b265c11be4ea910d7
x86_64/10.2/RPMS/nss_wins-3.0.13-2.1.102mdk.x86_64.rpm
4740a0c21ac308c552611a5ee347c72a
x86_64/10.2/RPMS/samba-client-3.0.13-2.1.102mdk.x86_64.rpm
6115c746181eaeb5c0d1d507c116a6db
x86_64/10.2/RPMS/samba-common-3.0.13-2.1.102mdk.x86_64.rpm
ff054b178cff6c783fc730ca9c6ada5f
x86_64/10.2/RPMS/samba-doc-3.0.13-2.1.102mdk.x86_64.rpm
c6e65bf57165bdc7f438e92ec9bd7823
x86_64/10.2/RPMS/samba-passdb-mysql-3.0.13-2.1.102mdk.x86_64.rpm
abf978ba0e1a53d0bc7c9938787d57f5
x86_64/10.2/RPMS/samba-passdb-pgsql-3.0.13-2.1.102mdk.x86_64.rpm
8d3dcc5cfd15c7401bd0c1835b2ede77
x86_64/10.2/RPMS/samba-passdb-xml-3.0.13-2.1.102mdk.x86_64.rpm
47c818ab47d1a18e3fe2bdc44d7c3916
x86_64/10.2/RPMS/samba-server-3.0.13-2.1.102mdk.x86_64.rpm
0d64c5d745416788db5c1e879f04ae03
x86_64/10.2/RPMS/samba-smbldap-tools-3.0.13-2.1.102mdk.x86_64.rpm
fb96a98a1ec0fa08001e0ecb155bb243
x86_64/10.2/RPMS/samba-swat-3.0.13-2.1.102mdk.x86_64.rpm
06d7c44374d9ba8cde7077da3d6908c7
x86_64/10.2/RPMS/samba-vscan-clamav-3.0.13-2.1.102mdk.x86_64.rpm
d7349d986a8b2b602c2c74d405571c27
x86_64/10.2/RPMS/samba-vscan-icap-3.0.13-2.1.102mdk.x86_64.rpm
a7b8792e6ee53529f84dbb2c42431396
x86_64/10.2/RPMS/samba-winbind-3.0.13-2.1.102mdk.x86_64.rpm
3cfae3f4e389c05b161fc03447fe8ea1
x86_64/10.2/SRPMS/samba-3.0.13-2.1.102mdk.src.rpm
Mandriva Linux 2006.0:
b639e531c8aa76a45bb4fd7fc0c9d08f
2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
21d7c1bcdae8ba923815557a265aed8c
2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
2922f2ad71b836793477e9774962ab81
2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
b1950669d6c9988067d98f80d3ed9f05
2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.i586.rpm
ad230ddd398f550ec0c5b56b8a0c7af9
2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.i586.rpm
f74482cc4bba045eecd6302878e5cd98
2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.i586.rpm
1988d3cb187321c59f0ffd583089cdf2
2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.i586.rpm
7c3130bec18d3ca0d75b8acf724871ac
2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.i586.rpm
73402f8d15a49c079c1c374a1a3926b7
2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.i586.rpm
fe7d3ceac2df5a79853759b4b9eb8f21
2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.i586.rpm
cc4cb9b9eda79cc7d2ebbbe1eca8d098
2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.i586.rpm
00602cff731083e2477f3a78ae69c9e4
2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.i586.rpm
58337068762956f952cd8dde7dbed638
2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.i586.rpm
39aadf73c4aff1c9e90cf5a9bd883ce0
2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.i586.rpm
b4055e2c5247be3762da9baa912c69f8
2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.i586.rpm
bf5619e50e6603faf8c6b62f823a7c3b
2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.i586.rpm
b823e686c69c157bf640209611700e74
2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.i586.rpm
f573ef27d6ae8fce9cd2451371d00f2c
2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
b8246df3c55f97343bc04dfe77733fc5
x86_64/2006.0/RPMS/lib64smbclient0-3.0.20-3.1.20060mdk.x86_64.rpm
d0c721a3523d3718e1e78ade2665b728
x86_64/2006.0/RPMS/lib64smbclient0-devel-3.0.20-3.1.20060mdk.x86_64.rpm
9c9852254610c810932013dd19917de8
x86_64/2006.0/RPMS/lib64smbclient0-static-devel-3.0.20-3.1.20060mdk.x86_64.rpm
b639e531c8aa76a45bb4fd7fc0c9d08f
x86_64/2006.0/RPMS/libsmbclient0-3.0.20-3.1.20060mdk.i586.rpm
21d7c1bcdae8ba923815557a265aed8c
x86_64/2006.0/RPMS/libsmbclient0-devel-3.0.20-3.1.20060mdk.i586.rpm
2922f2ad71b836793477e9774962ab81
x86_64/2006.0/RPMS/libsmbclient0-static-devel-3.0.20-3.1.20060mdk.i586.rpm
7b1644dda9a0e0fc61e2553a16c3227f
x86_64/2006.0/RPMS/mount-cifs-3.0.20-3.1.20060mdk.x86_64.rpm
d05b51b91f6956ce210254b8140e1dff
x86_64/2006.0/RPMS/nss_wins-3.0.20-3.1.20060mdk.x86_64.rpm
f6a100b3426487ecaf1402d0f13fe2c6
x86_64/2006.0/RPMS/samba-client-3.0.20-3.1.20060mdk.x86_64.rpm
b924d9378647d7854b9a1fe7d4cbcacb
x86_64/2006.0/RPMS/samba-common-3.0.20-3.1.20060mdk.x86_64.rpm
70fe3749aa34cf856a238854c4a8ffba
x86_64/2006.0/RPMS/samba-doc-3.0.20-3.1.20060mdk.x86_64.rpm
e41a7d5cd9ec6113d9cdfa6e5f6824db
x86_64/2006.0/RPMS/samba-passdb-mysql-3.0.20-3.1.20060mdk.x86_64.rpm
112d3d019065f29c8ccab1bed7e24ff9
x86_64/2006.0/RPMS/samba-passdb-pgsql-3.0.20-3.1.20060mdk.x86_64.rpm
d25dd65d363d8412df0907c36af667bb
x86_64/2006.0/RPMS/samba-passdb-xml-3.0.20-3.1.20060mdk.x86_64.rpm
f00babb6d600c46d81315ef2ea05c253
x86_64/2006.0/RPMS/samba-server-3.0.20-3.1.20060mdk.x86_64.rpm
e371858956f729e8b1d8020b4b929d10
x86_64/2006.0/RPMS/samba-smbldap-tools-3.0.20-3.1.20060mdk.x86_64.rpm
456d9ed7f29dc686b8803888058dbdd8
x86_64/2006.0/RPMS/samba-swat-3.0.20-3.1.20060mdk.x86_64.rpm
cc428a83917f6bee4381ac29673c338e
x86_64/2006.0/RPMS/samba-vscan-clamav-3.0.20-3.1.20060mdk.x86_64.rpm
9f4f4c7e4ad64b3c38fcb9644e6ca217
x86_64/2006.0/RPMS/samba-vscan-icap-3.0.20-3.1.20060mdk.x86_64.rpm
2dab89ab81536b0b32af36468271e192
x86_64/2006.0/RPMS/samba-winbind-3.0.20-3.1.20060mdk.x86_64.rpm
f573ef27d6ae8fce9cd2451371d00f2c
x86_64/2006.0/SRPMS/samba-3.0.20-3.1.20060mdk.src.rpm
Corporate 3.0:
4490da65fef66f064a59282b7da68621
corporate/3.0/RPMS/libsmbclient0-3.0.14a-6.2.C30mdk.i586.rpm
5d2f6de8c701a826f214600c8dde0528
corporate/3.0/RPMS/libsmbclient0-devel-3.0.14a-6.2.C30mdk.i586.rpm
d06d370c2816e6eaf15d97a5c7560519
corporate/3.0/RPMS/libsmbclient0-static-devel-3.0.14a-6.2.C30mdk.i586.rpm
3f4512e20d14ffd6c49ad6574913770c
corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.i586.rpm
7b6264fbeb301b7c73a5ae7c74ddacfc
corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.i586.rpm
3e372468edf4ba40c6e16c6e6744ea0e
corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.i586.rpm
423f53ba9b7d75ba0adde3c9279bd934
corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.i586.rpm
f109661cbadfe418f435dbc099a15c53
corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.i586.rpm
3f0f332b7d2b4ad8f94c51c90d65506d
corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.i586.rpm
2e3737a856981e6e2b773aadca191415
corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.i586.rpm
29cc6e056bad1c89e7290ca70b8f0de5
corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.i586.rpm
96546053ae0ef2f00c2dc8580dc2c0c9
corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.i586.rpm
0c0fd8f911403b7f7ae188ee788ad507
corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.i586.rpm
6840658b50e1b7d0f7f268289b204893
corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.i586.rpm
f31679aaf15c51d8264a8b3a4066190e
corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.i586.rpm
ec4717b55261f70dec4d2c8955c385f1
corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.i586.rpm
da1c9c209543730d10e83f9a9f5ebfcf
corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
1416831d844bf7b87db3c70d60100022
x86_64/corporate/3.0/RPMS/lib64smbclient0-3.0.14a-6.2.C30mdk.x86_64.rpm
98417e53a7fbf9edc798581fb5d3edb3
x86_64/corporate/3.0/RPMS/lib64smbclient0-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
5299fbefd6638bc1dbd7724dd2e728e6
x86_64/corporate/3.0/RPMS/lib64smbclient0-static-devel-3.0.14a-6.2.C30mdk.x86_64.rpm
ac8436d779dd384229594009426bd559
x86_64/corporate/3.0/RPMS/mount-cifs-3.0.14a-6.2.C30mdk.x86_64.rpm
fec20e25461d3c5fef537496df93c94c
x86_64/corporate/3.0/RPMS/nss_wins-3.0.14a-6.2.C30mdk.x86_64.rpm
8eea99ec757c429e4bed9258a59e7507
x86_64/corporate/3.0/RPMS/samba-client-3.0.14a-6.2.C30mdk.x86_64.rpm
bac614217b2432ebb4d1ba9608caf26a
x86_64/corporate/3.0/RPMS/samba-common-3.0.14a-6.2.C30mdk.x86_64.rpm
388f186ee4360a4a57c558cb9cec1696
x86_64/corporate/3.0/RPMS/samba-doc-3.0.14a-6.2.C30mdk.x86_64.rpm
20e69617864bcd21ba5e2f82bf2d83b0
x86_64/corporate/3.0/RPMS/samba-passdb-xml-3.0.14a-6.2.C30mdk.x86_64.rpm
30791f102847b0aeca488aebad4e07a4
x86_64/corporate/3.0/RPMS/samba-server-3.0.14a-6.2.C30mdk.x86_64.rpm
15f39f30be615b23ca2afb5a4be4bf8d
x86_64/corporate/3.0/RPMS/samba-smbldap-tools-3.0.14a-6.2.C30mdk.x86_64.rpm
35cfe4ebc5ebe39af764577356e3fddc
x86_64/corporate/3.0/RPMS/samba-swat-3.0.14a-6.2.C30mdk.x86_64.rpm
1e46268670190e240fa2f73281b1bdf0
x86_64/corporate/3.0/RPMS/samba-vscan-antivir-3.0.14a-6.2.C30mdk.x86_64.rpm
98f42b0625686a84939876938f046593
x86_64/corporate/3.0/RPMS/samba-vscan-clamav-3.0.14a-6.2.C30mdk.x86_64.rpm
9b5c6b52c20699f58d9085e3a46fc877
x86_64/corporate/3.0/RPMS/samba-vscan-icap-3.0.14a-6.2.C30mdk.x86_64.rpm
d9471fcbc2b1a0b76ca5a4623b54807e
x86_64/corporate/3.0/RPMS/samba-winbind-3.0.14a-6.2.C30mdk.x86_64.rpm
da1c9c209543730d10e83f9a9f5ebfcf
x86_64/corporate/3.0/SRPMS/samba-3.0.14a-6.2.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEszpqmqjQ0CJFipgRAjDnAJ0S7bC4FZeeAjD0Jl66B71c7N6BugCeKstA
UPkBaJB/rUE03L5PqfzR8kw=
=SITV
-----END PGP SIGNATURE-----