Red Hat Product Errata RHSA-2007:1117 - Security Advisory

Issued:: 2007-12-10
Updated:: 2007-12-10

RHSA-2007:1117 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: samba security update

Type/Severity

Security Advisory: Critical

Topic

Updated samba packages that fix a security issue are now available for Red
Hat Enterprise Linux 4.5 Extended Update Support.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Description

Samba is a suite of programs used by machines to share files, printers, and
other information.

A stack buffer overflow flaw was found in the way Samba authenticates
remote users. A remote unauthenticated user could trigger this flaw to
cause the Samba server to crash, or execute arbitrary code with the
permissions of the Samba server. (CVE-2007-6015)

Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

Red Hat Enterprise Linux Server - Extended Update Support 4.5 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.5 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.5 i386
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc

Fixes

BZ - 396401 - CVE-2007-6015 samba: send_mailslot() buffer overflow

CVEs

CVE-2007-6015

References

http://www.redhat.com/security/updates/classification/#critical

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Update Support 4.5

SRPM
samba-3.0.10-2.el4_5.2.src.rpm	SHA-256: d440914c43015e2b9ffefc5033bf9c7ec20785aa39544df117f13903a19460a9
x86_64
samba-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: f3be9f01f5655b11b603bf0ade37de7496953af846a79467c54d6975db71e929
samba-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: f3be9f01f5655b11b603bf0ade37de7496953af846a79467c54d6975db71e929
samba-client-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: 75e565b6571c851ae01c2a98fc0ebd0cb9d680ff48a19f0502b95d38214bc306
samba-client-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: 75e565b6571c851ae01c2a98fc0ebd0cb9d680ff48a19f0502b95d38214bc306
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-common-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: 9b58c10895e73e9a3e27d1b1a6c87cbd3df639a0df3188ee332760f6ef51aa6f
samba-common-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: 9b58c10895e73e9a3e27d1b1a6c87cbd3df639a0df3188ee332760f6ef51aa6f
samba-swat-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: fe77ad0df06a5f6b66c65e9d33ee76da4b7757fe3d0ed0afc5cf53334a5a63a2
samba-swat-3.0.10-2.el4_5.2.x86_64.rpm	SHA-256: fe77ad0df06a5f6b66c65e9d33ee76da4b7757fe3d0ed0afc5cf53334a5a63a2
ia64
samba-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 03ead4a0b12ce54e623bdd30b431d74b5938a0c8ce5d0afb7df58d37861ed10a
samba-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 03ead4a0b12ce54e623bdd30b431d74b5938a0c8ce5d0afb7df58d37861ed10a
samba-client-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 3499077c0b408a04aa927021a6465e86af6ecd22043bb9022c2656467ba8a57f
samba-client-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 3499077c0b408a04aa927021a6465e86af6ecd22043bb9022c2656467ba8a57f
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-common-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 506842380bfc73986368a1a364113267e6f4b52c14458bcca879635290ef2a4f
samba-common-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: 506842380bfc73986368a1a364113267e6f4b52c14458bcca879635290ef2a4f
samba-swat-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: c08d3fee984325c800d972d472b460cc4842829ac0aa4527a011cafa2e1919f0
samba-swat-3.0.10-2.el4_5.2.ia64.rpm	SHA-256: c08d3fee984325c800d972d472b460cc4842829ac0aa4527a011cafa2e1919f0
i386
samba-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 59145f56c30b3e82d02986d7941c509e3d2265c860ac5af4a57c542e0cdee079
samba-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 59145f56c30b3e82d02986d7941c509e3d2265c860ac5af4a57c542e0cdee079
samba-client-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 81bf6c71aac153cce71e89518fbf1d7b5dc343e0e9f82de86fe11705ea64fa4f
samba-client-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 81bf6c71aac153cce71e89518fbf1d7b5dc343e0e9f82de86fe11705ea64fa4f
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-common-3.0.10-2.el4_5.2.i386.rpm	SHA-256: 716605880a0f8e3a6f14d6c67db9cdf0ed0ddbca181475314dcab7915e3985c4
samba-swat-3.0.10-2.el4_5.2.i386.rpm	SHA-256: d51e3fc7620c069dab2a9fe6109cf9b3a94e1561cf9de2b8702146578c7d44bc
samba-swat-3.0.10-2.el4_5.2.i386.rpm	SHA-256: d51e3fc7620c069dab2a9fe6109cf9b3a94e1561cf9de2b8702146578c7d44bc

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
samba-3.0.10-2.el4_5.2.src.rpm	SHA-256: d440914c43015e2b9ffefc5033bf9c7ec20785aa39544df117f13903a19460a9
s390x
samba-3.0.10-2.el4_5.2.s390x.rpm	SHA-256: 2fa205c071e8e00e60fab3b6d5481acfc1053ffb5c8deda5e7cc33aa8f685154
samba-client-3.0.10-2.el4_5.2.s390x.rpm	SHA-256: b032db03c552649d309ddd8494e20db6e71f5c904c9363ef5f8e482ff9ee1f7a
samba-common-3.0.10-2.el4_5.2.s390.rpm	SHA-256: 3743a9d7b7831a8ad5d45c1ec62e0b9a70763a0767ff352d12935806ad70e794
samba-common-3.0.10-2.el4_5.2.s390x.rpm	SHA-256: 755fb677646dbf4ae7feab19d0a4f4158ec9978eb676563bfdaf5bfb89e86a07
samba-swat-3.0.10-2.el4_5.2.s390x.rpm	SHA-256: 4aaa024b21bfaaf29f972efe56b41b03afcae30933d1a540b185333656704d3b
s390
samba-3.0.10-2.el4_5.2.s390.rpm	SHA-256: 7ee8f7d589c8ba25c13e6a95bf79193f6c1e159ea3a0605abdaeb74bcf7e6bad
samba-client-3.0.10-2.el4_5.2.s390.rpm	SHA-256: aa4678db93005fc6edd6450c587b19331df1ae402ac02e06011342d4a388f002
samba-common-3.0.10-2.el4_5.2.s390.rpm	SHA-256: 3743a9d7b7831a8ad5d45c1ec62e0b9a70763a0767ff352d12935806ad70e794
samba-swat-3.0.10-2.el4_5.2.s390.rpm	SHA-256: 6db0dcd529da53d75795b94cdc41292563c61bb98a5f008326062788009f7f93

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
samba-3.0.10-2.el4_5.2.src.rpm	SHA-256: d440914c43015e2b9ffefc5033bf9c7ec20785aa39544df117f13903a19460a9
ppc
samba-3.0.10-2.el4_5.2.ppc.rpm	SHA-256: 81f821ecc6cc811e8d17e5fb81849ef3a0043d854e0d2fef73a2a2545f36cfd2
samba-client-3.0.10-2.el4_5.2.ppc.rpm	SHA-256: e6b47d58a59836934e28dfa74a4949fb02ed7790c6fd90737b3038581c15ed8d
samba-common-3.0.10-2.el4_5.2.ppc.rpm	SHA-256: b7776bf33f1344491e46a56729a2eba41146671313ec71d2debc6aad7e5d1454
samba-common-3.0.10-2.el4_5.2.ppc64.rpm	SHA-256: deb75a46be0a52a40a0eaedd10b995dd781e543279fcb78325ec6806b8463ab8
samba-swat-3.0.10-2.el4_5.2.ppc.rpm	SHA-256: 32ef1952978a2aa32b61c9cfbdb81cc92ac959ac7c955e00c76b553fc3341a76

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories