rPSA-2007-0098-1 samba samba-swat

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2007-0098-1 samba samba-swat
From: rPath Update Announcements <announce-noreply@xxxxxxxxx>
Date: Tue, 15 May 2007 00:21:52 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2007-0098-1
Published: 2007-05-15
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
    Remote Root Non-deterministic Unauthorized Access
Updated Versions:
    samba=/conary.rpath.com@rpl:devel//1/3.0.25-0.1-1
    samba-swat=/conary.rpath.com@rpl:devel//1/3.0.25-0.1-1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
    https://issues.rpath.com/browse/RPL-1366

Description:
    Previous versions of the samba package are vulnerable to multiple
    attacks in which remote attackers may be able to run arbitrary
    code as the root user on samba servers.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

Prev by Date: [USN-459-1] pptpd vulnerability
Next by Date: GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
Previous by thread: [USN-459-1] pptpd vulnerability
Next by thread: GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
Index(es):
- Date
- Thread