exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 702-1

Ubuntu Security Notice 702-1
Posted Jan 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-702-1 - Gunter Hockel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares are enabled on the server by setting "registry shares = yes", "include = registry", or "config backend = registry", which is not the default.

tags | advisory, root, registry
systems | linux, ubuntu
advisories | CVE-2009-0022
SHA-256 | 1f54398ec952d4b39f2110cd81591e592bacac95220038e4c096a6ab8d8ae1ba

Ubuntu Security Notice 702-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-702-1 January 05, 2009
samba vulnerability
CVE-2009-0022
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
samba 2:3.2.3-1ubuntu3.4

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Gunter Höckel discovered that Samba with registry shares enabled did not
properly validate share names. An authenticated user could gain access to the
root filesystem by using an older version of smbclient and specifying an
empty string as a share name. This is only an issue if registry shares are
enabled on the server by setting "registry shares = yes", "include = registry",
or "config backend = registry", which is not the default.


Updated packages for Ubuntu 8.10:

Source archives:

https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.4.diff.gz
Size/MD5: 228722 0f792a410505a9918479562ef16ccef4
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.4.dsc
Size/MD5: 1902 0bda9c946d4f940383ca31bb7ad3e3e8
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3.orig.tar.gz
Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35

Architecture independent packages:

https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.2.3-1ubuntu3.4_all.deb
Size/MD5: 6261402 cdfa982dd0b9c04511734aba9cb98f43
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.2.3-1ubuntu3.4_all.deb
Size/MD5: 7954776 d12c0694fa65e5f7162d5322f6765822

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

https://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 638726 cc8150b5214fb77d9dfc019b2526cb7c
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 1968610 adbbd514e01210d81004f1b9e674701e
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 1370212 3192295c2170f5342235edcfd5a2044a
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 89088 fd98b8c2d156a43597d81cb3c05ab3de
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 3815552 f36fd7dc29e504467a9e0c08f675dc48
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 1993446 547e40f9cbc9e94908b9c21b54cf7c1f
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 5802386 e3e7c712a2784007497213bb0cf2d3d1
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 4908532 9188ed5c2e93fcfcc93ffb57aa33a4eb
https://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 7173498 6098ce448371e6cb7ba8a7d1acc82f39
https://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 1529412 99c94bc3bc8b4ca40b70844062cb0158
https://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 1112728 6e7be6d81d4bb9645fe7049ad1098e24
https://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.4_amd64.deb
Size/MD5: 3349950 4865e691932849cb5d554b27dc8203c6

i386 architecture (x86 compatible Intel/AMD):

https://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 574078 2547fa4ec3a2704e7600cfc1682e2678
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 1844540 d766893ef3b88eefe3a5ff236d37a083
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 1217736 fb4a6dcac85271bb5abd3102e246e908
https://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 87620 145a90245f66ae82c94611c9a5ef90c6
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 3459480 f83b000101753604b107b969cbafaf38
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 2077500 e4d3bba7c3992d54a002a3de960da088
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 5161386 2f816bd0759b5395312b0260b2b1a830
https://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 4368978 e94a0a0065575763eb688719be55bb55
https://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 6402838 50306da79199442d648c653563d818e8
https://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 1375964 bb03430c3f6d5f0b6a0ce5582fc4d355
https://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 1006606 f296946e86f49c6fb12b6a6fc74e5006
https://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.4_i386.deb
Size/MD5: 2975328 c9581db640df6618b35bf0386817185e

lpia architecture (Low Power Intel Architecture):

https://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 553748 4158873bb22c417e2817099582adef0c
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 1769190 f6dea760e2013d0902aea9bb366a7117
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 1160952 11776d3e92c48211b61d9aad4a83092a
https://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 87062 ac2ead655b9e860e180778bdc3b601d8
https://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 3328740 fc6f54cab0701fc9c2f9f40712a322aa
https://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 2069796 5a757bef21769a0f99d571a9b16f0f41
https://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 4950004 4e7fd36bae326ccc396c16c023ad6789
https://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 4197392 34b7b42b2c5ab302afc86abca35cf459
https://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 6136884 b3f071c6be8fb4b0ae36b9a4f342328c
https://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 1317220 a2c2ba9a7251b9e66b7541012493a91d
https://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 968410 72ced84400e6d8739710fcde6f4bafea
https://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.4_lpia.deb
Size/MD5: 2855910 d92babc2dda651f130f15e16d887853c

powerpc architecture (Apple Macintosh G3/G4/G5):

https://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 606564 344aced9680f82f2144be4845d4f91a3
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 1730412 8068336341c057b8d95be0601c204e3c
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 1255134 86970b95de4ed88deb2d0497bc532fd6
https://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 89038 cc4c8f2c4da9b4e8df3608c4a12547fb
https://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 3600282 9cd6002671370f4ae3d8a26ff72fb60f
https://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 2058546 1aecd0379eecc99b41fc6ce2a69309c7
https://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 5474936 044102518d3695912332b4eae9527b4b
https://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 4640066 96726a3b481e8e220d9e1ab27cd31a2f
https://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 6653622 f778f74e99accb34e8f385c5804b3d1e
https://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 1417512 7a4323d2fe779cb63c7f1ad7387b1b83
https://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 1046216 75bd47fd42c6ae14db5573e8b176137e
https://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.4_powerpc.deb
Size/MD5: 3123092 d2664b3080094bb24b530513c6359003

sparc architecture (Sun SPARC/UltraSPARC):

https://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 592718 5debe4b94931b2c88f8fa475f5f77bc4
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 2008260 f498681d446a2ad9fc9f524fd077b4ae
https://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 1216100 c01b1c22f857ed00cef34c6c8be07fb9
https://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 87638 08d33dc1f635ce0a7937c944a8009d49
https://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 3501506 eb3aedcad68acbaa6624173801aebe91
https://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 2007758 a3dfca08a50155f594c51ca801a258ad
https://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 5327954 1e480e57d3de6bfcce1a179d23a6d817
https://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 4502118 ba2c5b5240d8de234da5e5e006924da4
https://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 6448130 13a2ae5a41f1d7d026f109986927813b
https://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 1371138 05fc1469ba4f74621b93b47a3205b1cb
https://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 1019768 bf17ef67379f1b0c0ef76d74ffe3cd66
https://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.4_sparc.deb
Size/MD5: 3029050 88018f0ef574839c0d956e62b5f873d6


Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close