English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.50696
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2003:032 (samba)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to samba
announced via advisory MDKSA-2003:032.

The SuSE security team, during an audit of the Samba source code, found
a flaw in the main smbd code which could allow an external attacker to
remotely and anonymously gain root privilege on a system running the
Samba server. This flaw exists in all version of Samba 2.x up to and
including 2.2.7a. The Samba team announced 2.2.8 today, however these
updated packages include a patch that corrects this problem.

MandrakeSoft urges all users to upgrade immediately. If you are unable
to apply the updated packages (perhaps due to unavailability on your
preferred mirror), the following steps can be taken to protect an
unpatched system:

The hosts allow and hosts deny options in the smb.conf file can
be used to allow access to your Samba server by only selected hosts
for
example:

hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
hosts deny = 0.0.0.0/0

This will disallow all connections from machines that are not the
localhost or in the 192.168.2 and 192.168.3 private networks.
Alternatively, you can tell Samba to listen to only specific network
interfaces by using the interfaces and bind interfaces only
options:

interfaces = eth1 lo
bind interfaces only = yes

Obviously, use the internal interface for your network and not an
external interface connected to the internet. You may also choose to
firewall off some UDP and TCP ports in addition to the previously
mentioned suggestions by blocking external access to ports 137 and 138
(UDP) and ports 139 and 445 (TCP).

These steps should only be used as a temporary preventative measure
and all users should upgrade as quickly as possible.

Thanks to Sebastian Krahmer and the SuSE security team for performing
the audit, Jeremy Allison for providing the fix, and Andrew Tridgell
for providing advice on how to protect an unpatched Samba system.

Affected versions: 8.0, 8.1, 8.2, 9.0, Corporate Server 2.1,
Multi Network Firewall 8.2


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0086
http://www.samba.org/samba/whatsnew/samba-2.2.8.html

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2003-0085
http://www.securityfocus.com/archive/1/316165/30/25370/threaded
BugTraq ID: 7106
http://www.securityfocus.com/bid/7106
Bugtraq: 20030317 GLSA: samba (200303-11) (Google Search)
http://marc.info/?l=bugtraq&m=104792646416629&w=2
Bugtraq: 20030317 Security Bugfix for Samba - Samba 2.2.8 Released (Google Search)
http://marc.info/?l=bugtraq&m=104792723017768&w=2
Bugtraq: 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) (Google Search)
http://marc.info/?l=bugtraq&m=104801012929374&w=2
Bugtraq: 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL (Google Search)
Bugtraq: 20030401 Immunix Secured OS 7+ samba update (Google Search)
http://www.securityfocus.com/archive/1/317145/30/25220/threaded
CERT/CC vulnerability note: VU#298233
http://www.kb.cert.org/vuls/id/298233
Debian Security Information: DSA-262 (Google Search)
http://www.debian.org/security/2003/dsa-262
http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
Immunix Linux Advisory: IMNX-2003-7+-003-01
http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552
http://www.redhat.com/support/errata/RHSA-2003-095.html
http://www.redhat.com/support/errata/RHSA-2003-096.html
http://secunia.com/advisories/8299
http://secunia.com/advisories/8303
SGI Security Advisory: 20030302-01-I
ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
SuSE Security Announcement: SuSE-SA:2003:016 (Google Search)
http://www.novell.com/linux/security/advisories/2003_016_samba.html
Common Vulnerability Exposure (CVE) ID: CVE-2003-0086
BugTraq ID: 7107
http://www.securityfocus.com/bid/7107
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A554
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.