Samba Server call_trans2open Remote Buffer Overflow Vulnerability
Published: 2003-04-07
Updated: 2003-04-09
Affected systems:
Samba Samba 2.2.8
Samba Samba 2.2.7
Samba Samba 2.2.6
Samba Samba 2.2.5
Samba Samba 2.2.4
Samba Samba 2.2.3
Samba Samba 2.2.2
Samba Samba 2.2.0a
Samba Samba 2.2.0
Samba Samba 2.0.10
Samba-TNG Samba-TNG 0.3.1
Samba-TNG Samba-TNG 0.3
Samba Samba 2.2.7a
- Caldera eDesktop 2.4
- Caldera eServer 2.3.1
- Conectiva Linux 8.0
- Debian Linux 3.0
- Mandrake Linux 9.0
- Mandrake Linux 8.2
- RedHat Linux 8.0
- SuSE Linux 8.1
Unaffected systems:
Samba Samba 2.2.8a
Samba-TNG Samba-TNG 0.3.2
Description:
BUGTRAQ ID: 7294
CVE(CAN) ID: CVE-2003-0201
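Samba is a suite of programs that implements the SMB (Server Message Block) protocol to provide cross-platform file and print sharing. Samba-TNG is a derivative of Samba.
Samba does not properly bounds-check a buffer against external input, and a remote attacker can exploit this to execute arbitrary commands on the system with root privileges.
The problem is the following call in the call_trans2open() function in smbd/trans2.c:
StrnCpy(fname,pname,namelen); /* Line 252 of smbd/trans2.c */
StrnCpy copies pname into fname using namelen as the length. If namelen is assigned the value strlen(pname)+1, a buffer overflow occurs. The variable 'fname' is of the typedef'd type pstring, a character array of 1024 bytes; if pname is longer than 1024 bytes, sensitive addresses on the stack can be overwritten, and carefully crafted input may allow arbitrary commands to be executed on the system with root privileges.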
<*Source: Erik Parker (erik.parker@digitaldefense.net)
Links: http://marc.theaimsgroup.com/?l=bugtraq&m=104972664226781&w=2
https://www.redhat.com/support/errata/RHSA-2003-137.html
http://www.suse.de/de/security/2003_025_samba.html
http://www.debian.org/security/2003/dsa-280
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-03:01.asc
http://www.linux-mandrake.com/en/security/2003/2003-044.php
*>
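The overflow described above and the effect of bounding the copy length, as an added example that is not Samba's code or part of the original advisory. `strn_cpy` is a simplified stand-in for StrnCpy, and the arena, guard byte and helper names are assumptions chosen so that the overrun lands in memory the program owns and can be counted.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define PSTRING_LEN 1024   /* size of a pstring, per the advisory */
#define ARENA_LEN   4096   /* assumption: spare room so the overrun is observable */
#define GUARD_BYTE  0xA5   /* assumption: fill pattern used to spot stray writes */
#define MIN(a, b)   ((a) < (b) ? (a) : (b))

/* Simplified stand-in for StrnCpy (assumption, not Samba's source):
 * copies at most n characters, then writes a terminating NUL, so it can
 * touch up to n + 1 bytes of dest. It never looks at the size of dest. */
static char *strn_cpy(char *dest, const char *src, size_t n)
{
    size_t i = 0;
    while (i < n && src[i] != '\0') {
        dest[i] = src[i];
        i++;
    }
    dest[i] = '\0';
    return dest;
}

/* Builds a constructed test name of `len` characters in buf (len + 1 bytes). */
static void make_name(char *buf, size_t len)
{
    memset(buf, 'A', len);
    buf[len] = '\0';
}

/* Copies pname into a 1024-byte "fname" slot at the start of a larger arena
 * and returns how many bytes beyond that slot were modified.
 * clamp == 0: length taken from the input alone, as in the flawed call.
 * clamp != 0: length bounded by the destination size, as in the workaround. */
static size_t overrun_bytes(const char *pname, int clamp)
{
    static unsigned char arena[ARENA_LEN];
    char *fname = (char *)arena;           /* first PSTRING_LEN bytes play fname */
    size_t namelen = strlen(pname) + 1;    /* derived from attacker-sized input */
    size_t n, i, hit = 0;

    if (namelen > ARENA_LEN)               /* keep the demonstration itself in bounds */
        return (size_t)-1;

    memset(arena, GUARD_BYTE, sizeof arena);
    /* fname is a pointer here, so PSTRING_LEN stands in for sizeof(fname). */
    n = clamp ? MIN(namelen, (size_t)PSTRING_LEN - 1) : namelen;
    strn_cpy(fname, pname, n);

    for (i = PSTRING_LEN; i < ARENA_LEN; i++)
        if (arena[i] != GUARD_BYTE)
            hit++;
    return hit;
}

/* Stricter alternative: refuse an over-long name instead of truncating it.
 * Returns 0 on success, -1 if the name does not fit. */
static int copy_or_reject(char *fname, size_t fname_size,
                          const char *pname, size_t namelen)
{
    if (fname_size == 0 || namelen > fname_size - 1)
        return -1;
    strn_cpy(fname, pname, namelen);
    return 0;
}

int main(void)
{
    char pname[1501];
    char dst[PSTRING_LEN];

    make_name(pname, 1500);                /* constructed over-long name */
    printf("unclamped: %zu bytes written past fname\n", overrun_bytes(pname, 0));
    printf("clamped:   %zu bytes written past fname\n", overrun_bytes(pname, 1));
    printf("reject:    %d\n", copy_or_reject(dst, sizeof dst, pname, strlen(pname) + 1));
    printf("short ok:  %d\n", copy_or_reject(dst, sizeof dst, "a.txt", 6));
    return 0;
}
```

The clamped copy keeps every write inside the 1024-byte slot but shortens the name; `copy_or_reject` shows the alternative of failing the request outright.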
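Recommendations:
Workaround:
If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measure to reduce the risk:
* Modify line 250 of smbd/trans2.c: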
-StrnCpy(fname,pname,namelen);
+StrnCpy(fname,pname,MIN(namelen, sizeof(fname)-1));
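Review bot: the clamp on the + line silently truncates an over-long name to sizeof(fname)-1 characters, so the function carries on with a shortened name rather than failing; consider returning an error when namelen > sizeof(fname)-1 instead of copying a truncated value. A short comment would also help, stating that the -1 reserves room for the terminating NUL and that sizeof(fname) gives the buffer size only while fname is declared as an array (pstring) rather than a pointer.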
Vendor patches:
Debian
------
Debian has released a security advisory (DSA-280-1) and corresponding patches for this issue:
DSA-280-1: New samba packages fix remote root exploit
Link: http://www.debian.org/security/2002/dsa-280
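Patch installation:
1. Installing the patch packages manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)
2. Installing the patch packages automatically with apt-get:
First, update the internal database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade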
FreeBSD
-------
FreeBSD has released a security advisory (FreeBSD-SN-03:01) and corresponding patches for this issue:
FreeBSD-SN-03:01: security issue in samba ports
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-03:01.asc
Patch downloads:
[FreeBSD 4.x, i386]
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-4-stable/samba-2.2.8_2.tgz
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-4-stable/samba-2.2.8_2.tgz.asc
[FreeBSD 5.x]
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-5-current/samba-2.2.8_2.tbz
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-5-current/samba-2.2.8_2.tbz.asc
MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2003:044) and corresponding patches for this issue:
MDKSA-2003:044: Updated samba packages fix remote root vulnerability
Link: http://www.linux-mandrake.com/en/security/2003/2003-044.php
The updated packages can be downloaded from any of the mirror FTP servers listed at the following address:
http://www.mandrakesecure.net/en/ftp.php
RedHat
------
http://www.debian.org/security/2003/dsa-280
S.u.S.E.
--------
S.u.S.E. has released a security advisory (SuSE-SA:2003:025) and corresponding patches for this issue:
SuSE-SA:2003:025: samba
Samba
-----
The vendor has released an update that fixes this security issue. Download it from the vendor's home page and upgrade to version 2.2.8a:
http://www.samba.org/
Samba-TNG
---------
The vendor has released an update that fixes this security issue. Download it from the vendor's home page and upgrade to version 0.3.2:
http://www.samba-tng.org