SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
(Mandrake Issues Fix) Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1012186
SecurityTracker URL:  http://securitytracker.com/id/1012186
CVE Reference:   CVE-2004-0930   (Links to External Site)
Date:  Nov 11 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 3.0 through 3.0.7
Description:   An input vulnerability was reported in Samba. A remote authenticated user may be able to cause denial of service conditions.

The vendor reported that there is a flaw in the matching of filenames containing wildcard characters. A remote user can cause the target smbd process to consume excessive CPU resources and, in some cases, cause the system to stop responding.

The vendor credits iDEFENSE with reporting this flaw.

iDEFENSE reported that the flaw resides in the ms_fnmatch() function and can be triggered by sending a command that contains multiple asterik characters, such as the following command:

dir ***********************************************z

Impact:   A remote authenticated user can cause excessive CPU consumption on the target system, potentially causing the system to become unresponsive.
Solution:   Mandrake has released a fix.

Mandrakelinux 10.0:
fc96ab5a509d3fd77944cf9080a68cad 10.0/RPMS/libsmbclient0-3.0.6-4.2.100mdk.i586.rpm
6b92b174be93974e71094aaf67ced8bf 10.0/RPMS/libsmbclient0-devel-3.0.6-4.2.100mdk.i586.rpm
89ea0ab1e038d987ff0fd5190770a45f 10.0/RPMS/libsmbclient0-static-devel-3.0.6-4.2.100mdk.i586.rpm
f13d2f12b1c9920adaa52c441247c431 10.0/RPMS/nss_wins-3.0.6-4.2.100mdk.i586.rpm
4613741eb2d437e2da558d5a00efad03 10.0/RPMS/samba-client-3.0.6-4.2.100mdk.i586.rpm
ee45967d391ef34cd05d3850aded75cc 10.0/RPMS/samba-common-3.0.6-4.2.100mdk.i586.rpm
f20ea8797f68102e385904bd24f223bf 10.0/RPMS/samba-doc-3.0.6-4.2.100mdk.i586.rpm
2343c1794ee0395c581032929f48eb77 10.0/RPMS/samba-passdb-mysql-3.0.6-4.2.100mdk.i586.rpm
a135e6491aeb15a6be81f074380569f3 10.0/RPMS/samba-passdb-pgsql-3.0.6-4.2.100mdk.i586.rpm
edb423501f04386ccb3bba65981befb7 10.0/RPMS/samba-passdb-xml-3.0.6-4.2.100mdk.i586.rpm
b124d7513d6866a34dbcf824e836e06d 10.0/RPMS/samba-server-3.0.6-4.2.100mdk.i586.rpm
b0ba7b581630923046317aec12c432eb 10.0/RPMS/samba-swat-3.0.6-4.2.100mdk.i586.rpm
33a7a755e9902ff64f463a27ae15a169 10.0/RPMS/samba-winbind-3.0.6-4.2.100mdk.i586.rpm
8ffe9c6f1210684a55d161edb7c72d3c 10.0/SRPMS/samba-3.0.6-4.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
471814a0ee4cd943f6d45f29ab5db775 amd64/10.0/RPMS/lib64smbclient0-3.0.6-4.2.100mdk.amd64.rpm
178326e1eb840ab593dec9cbb6fffd03 amd64/10.0/RPMS/lib64smbclient0-devel-3.0.6-4.2.100mdk.amd64.rpm
462500a11b09e25fc0140afaaddc9da1 amd64/10.0/RPMS/lib64smbclient0-static-devel-3.0.6-4.2.100mdk.amd64.rpm
3c0255a04de4fdbc051853e4a0fd582c amd64/10.0/RPMS/nss_wins-3.0.6-4.2.100mdk.amd64.rpm
eda008304e790311dcaac046758fe93f amd64/10.0/RPMS/samba-client-3.0.6-4.2.100mdk.amd64.rpm
b4a4cad770890d83b14c86ad021046ed amd64/10.0/RPMS/samba-common-3.0.6-4.2.100mdk.amd64.rpm
9a43ce1e10252c9ac5dd5b24b17909eb amd64/10.0/RPMS/samba-doc-3.0.6-4.2.100mdk.amd64.rpm
05021e3110a8f20ffd3d927303892e92 amd64/10.0/RPMS/samba-passdb-mysql-3.0.6-4.2.100mdk.amd64.rpm
9870805d66d91862e453352c08ded88c amd64/10.0/RPMS/samba-passdb-pgsql-3.0.6-4.2.100mdk.amd64.rpm
2a96ca3e2b72aad7534c3eca637e53ff amd64/10.0/RPMS/samba-passdb-xml-3.0.6-4.2.100mdk.amd64.rpm
5dfcd5ba57582d36531b7f48e6ad64f3 amd64/10.0/RPMS/samba-server-3.0.6-4.2.100mdk.amd64.rpm
6fe165ee376cf21638f7f0d5dd73c8da amd64/10.0/RPMS/samba-swat-3.0.6-4.2.100mdk.amd64.rpm
168a4c2a4026be306a15bbf689ec8494 amd64/10.0/RPMS/samba-winbind-3.0.6-4.2.100mdk.amd64.rpm
8ffe9c6f1210684a55d161edb7c72d3c amd64/10.0/SRPMS/samba-3.0.6-4.2.100mdk.src.rpm

Mandrakelinux 10.1:
252f42f17da3acd366b5b2e43de2ac1c 10.1/RPMS/libsmbclient0-3.0.7-2.1.101mdk.i586.rpm
9977b3a58446f496887d0afb7ff89d55 10.1/RPMS/libsmbclient0-devel-3.0.7-2.1.101mdk.i586.rpm
b8db76302389301e7250538eaa5840a9 10.1/RPMS/libsmbclient0-static-devel-3.0.7-2.1.101mdk.i586.rpm
1c93ebc746d12e2165623b0c155ee2c7 10.1/RPMS/nss_wins-3.0.7-2.1.101mdk.i586.rpm
e057eb4a81a562eed72cdc26603d9809 10.1/RPMS/samba-client-3.0.7-2.1.101mdk.i586.rpm
c85ecce8d3b0b3992ea137cbb1332ec6 10.1/RPMS/samba-common-3.0.7-2.1.101mdk.i586.rpm
06775da91feeec4d306ff5450a5d1f94 10.1/RPMS/samba-doc-3.0.7-2.1.101mdk.i586.rpm
4556886aa48f5019029664f106d10ee0 10.1/RPMS/samba-passdb-mysql-3.0.7-2.1.101mdk.i586.rpm
629e406c3a603ba16d9ee84a1b335b22 10.1/RPMS/samba-passdb-pgsql-3.0.7-2.1.101mdk.i586.rpm
5d56f944f6d6de27412d040398fe1cc8 10.1/RPMS/samba-passdb-xml-3.0.7-2.1.101mdk.i586.rpm
ba16fff1d2eb9a7656ff894933a608fd 10.1/RPMS/samba-server-3.0.7-2.1.101mdk.i586.rpm
00e1439e77dab509297d7731a742fd7e 10.1/RPMS/samba-swat-3.0.7-2.1.101mdk.i586.rpm
f84b9b4b33dbc5bf6c2f0988db483397 10.1/RPMS/samba-vscan-clamav-3.0.7-2.1.101mdk.i586.rpm
896444e099a2f76921bb759a444bca7d 10.1/RPMS/samba-vscan-icap-3.0.7-2.1.101mdk.i586.rpm
ff6edefa89b6ffae6ade0c9d29bc5c0f 10.1/RPMS/samba-winbind-3.0.7-2.1.101mdk.i586.rpm
6af4ba75f6dceeb9f59593f7eb6eadba 10.1/SRPMS/samba-3.0.7-2.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
d4bd53b5357a048df4df87a28a35605f x86_64/10.1/RPMS/lib64smbclient0-3.0.7-2.1.101mdk.x86_64.rpm
25bd817806f9b87b2eecf422871276eb x86_64/10.1/RPMS/lib64smbclient0-devel-3.0.7-2.1.101mdk.x86_64.rpm
0f30be16cf3b6b91119d818cebc015a0 x86_64/10.1/RPMS/lib64smbclient0-static-devel-3.0.7-2.1.101mdk.x86_64.rpm
e0af7cbd659288278c83f11681ea23f6 x86_64/10.1/RPMS/nss_wins-3.0.7-2.1.101mdk.x86_64.rpm
8598ae6169bf34f8f94280e86e3e7158 x86_64/10.1/RPMS/samba-client-3.0.7-2.1.101mdk.x86_64.rpm
21583612543254f59f1497f31ebdd452 x86_64/10.1/RPMS/samba-common-3.0.7-2.1.101mdk.x86_64.rpm
ef742a2f8e90f6b28199b7d7f401d360 x86_64/10.1/RPMS/samba-doc-3.0.7-2.1.101mdk.x86_64.rpm
3e075b3a310f7b2734b31e475d1ed38a x86_64/10.1/RPMS/samba-passdb-mysql-3.0.7-2.1.101mdk.x86_64.rpm
3157d958ac5dfa1d9d6e0414cd6ba4c2 x86_64/10.1/RPMS/samba-passdb-pgsql-3.0.7-2.1.101mdk.x86_64.rpm
29ca763736331a93876f43a80ba38508 x86_64/10.1/RPMS/samba-passdb-xml-3.0.7-2.1.101mdk.x86_64.rpm
8eb60d9846b1fc279c7a93c9fee1076c x86_64/10.1/RPMS/samba-server-3.0.7-2.1.101mdk.x86_64.rpm
d8bf4040f0821c196108dd19f3b64035 x86_64/10.1/RPMS/samba-swat-3.0.7-2.1.101mdk.x86_64.rpm
a4912224c8872ab97e3afb2ca93caa6e x86_64/10.1/RPMS/samba-vscan-clamav-3.0.7-2.1.101mdk.x86_64.rpm
1e93b617f178801979e3a7240437ac92 x86_64/10.1/RPMS/samba-vscan-icap-3.0.7-2.1.101mdk.x86_64.rpm
6b76d20975f5f8d6a1c4f39cd58becca x86_64/10.1/RPMS/samba-winbind-3.0.7-2.1.101mdk.x86_64.rpm
6af4ba75f6dceeb9f59593f7eb6eadba x86_64/10.1/SRPMS/samba-3.0.7-2.1.101mdk.src.rpm

Vendor URL:  www.samba.org/ (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:  Linux (Mandriva/Mandrake)
Underlying OS Comments:  10.0, 10.1

Message History:   This archive entry is a follow-up to the message listed below.
Nov 8 2004 Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service



 Source Message Contents

Subject:  [Security Announce] MDKSA-2004:131 - Updated samba packages fix


This is a multi-part message in MIME format...

------------=_1100135359-1263-3798

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           samba
 Advisory ID:            MDKSA-2004:131
 Date:                   November 10th, 2004

 Affected versions:	 10.0, 10.1
 ______________________________________________________________________

 Problem Description:

 Karol Wiesek discovered a bug in the input validation routines in
 Samba 3.x used to match filename strings containing wildcard
 characters.  This bug may allow a user to consume more than normal
 amounts of CPU cycles which would impact the performance and response
 of the server.  In some cases it could also cause the server to become
 entirely unresponsive.
 
 The updated packages are patched to prevent this problem with patches
 from the Samba team.  This vulnerability is fixed in samba 3.0.8.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 fc96ab5a509d3fd77944cf9080a68cad  10.0/RPMS/libsmbclient0-3.0.6-4.2.100mdk.i586.rpm
 6b92b174be93974e71094aaf67ced8bf  10.0/RPMS/libsmbclient0-devel-3.0.6-4.2.100mdk.i586.rpm
 89ea0ab1e038d987ff0fd5190770a45f  10.0/RPMS/libsmbclient0-static-devel-3.0.6-4.2.100mdk.i586.rpm
 f13d2f12b1c9920adaa52c441247c431  10.0/RPMS/nss_wins-3.0.6-4.2.100mdk.i586.rpm
 4613741eb2d437e2da558d5a00efad03  10.0/RPMS/samba-client-3.0.6-4.2.100mdk.i586.rpm
 ee45967d391ef34cd05d3850aded75cc  10.0/RPMS/samba-common-3.0.6-4.2.100mdk.i586.rpm
 f20ea8797f68102e385904bd24f223bf  10.0/RPMS/samba-doc-3.0.6-4.2.100mdk.i586.rpm
 2343c1794ee0395c581032929f48eb77  10.0/RPMS/samba-passdb-mysql-3.0.6-4.2.100mdk.i586.rpm
 a135e6491aeb15a6be81f074380569f3  10.0/RPMS/samba-passdb-pgsql-3.0.6-4.2.100mdk.i586.rpm
 edb423501f04386ccb3bba65981befb7  10.0/RPMS/samba-passdb-xml-3.0.6-4.2.100mdk.i586.rpm
 b124d7513d6866a34dbcf824e836e06d  10.0/RPMS/samba-server-3.0.6-4.2.100mdk.i586.rpm
 b0ba7b581630923046317aec12c432eb  10.0/RPMS/samba-swat-3.0.6-4.2.100mdk.i586.rpm
 33a7a755e9902ff64f463a27ae15a169  10.0/RPMS/samba-winbind-3.0.6-4.2.100mdk.i586.rpm
 8ffe9c6f1210684a55d161edb7c72d3c  10.0/SRPMS/samba-3.0.6-4.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 471814a0ee4cd943f6d45f29ab5db775  amd64/10.0/RPMS/lib64smbclient0-3.0.6-4.2.100mdk.amd64.rpm
 178326e1eb840ab593dec9cbb6fffd03  amd64/10.0/RPMS/lib64smbclient0-devel-3.0.6-4.2.100mdk.amd64.rpm
 462500a11b09e25fc0140afaaddc9da1  amd64/10.0/RPMS/lib64smbclient0-static-devel-3.0.6-4.2.100mdk.amd64.rpm
 3c0255a04de4fdbc051853e4a0fd582c  amd64/10.0/RPMS/nss_wins-3.0.6-4.2.100mdk.amd64.rpm
 eda008304e790311dcaac046758fe93f  amd64/10.0/RPMS/samba-client-3.0.6-4.2.100mdk.amd64.rpm
 b4a4cad770890d83b14c86ad021046ed  amd64/10.0/RPMS/samba-common-3.0.6-4.2.100mdk.amd64.rpm
 9a43ce1e10252c9ac5dd5b24b17909eb  amd64/10.0/RPMS/samba-doc-3.0.6-4.2.100mdk.amd64.rpm
 05021e3110a8f20ffd3d927303892e92  amd64/10.0/RPMS/samba-passdb-mysql-3.0.6-4.2.100mdk.amd64.rpm
 9870805d66d91862e453352c08ded88c  amd64/10.0/RPMS/samba-passdb-pgsql-3.0.6-4.2.100mdk.amd64.rpm
 2a96ca3e2b72aad7534c3eca637e53ff  amd64/10.0/RPMS/samba-passdb-xml-3.0.6-4.2.100mdk.amd64.rpm
 5dfcd5ba57582d36531b7f48e6ad64f3  amd64/10.0/RPMS/samba-server-3.0.6-4.2.100mdk.amd64.rpm
 6fe165ee376cf21638f7f0d5dd73c8da  amd64/10.0/RPMS/samba-swat-3.0.6-4.2.100mdk.amd64.rpm
 168a4c2a4026be306a15bbf689ec8494  amd64/10.0/RPMS/samba-winbind-3.0.6-4.2.100mdk.amd64.rpm
 8ffe9c6f1210684a55d161edb7c72d3c  amd64/10.0/SRPMS/samba-3.0.6-4.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 252f42f17da3acd366b5b2e43de2ac1c  10.1/RPMS/libsmbclient0-3.0.7-2.1.101mdk.i586.rpm
 9977b3a58446f496887d0afb7ff89d55  10.1/RPMS/libsmbclient0-devel-3.0.7-2.1.101mdk.i586.rpm
 b8db76302389301e7250538eaa5840a9  10.1/RPMS/libsmbclient0-static-devel-3.0.7-2.1.101mdk.i586.rpm
 1c93ebc746d12e2165623b0c155ee2c7  10.1/RPMS/nss_wins-3.0.7-2.1.101mdk.i586.rpm
 e057eb4a81a562eed72cdc26603d9809  10.1/RPMS/samba-client-3.0.7-2.1.101mdk.i586.rpm
 c85ecce8d3b0b3992ea137cbb1332ec6  10.1/RPMS/samba-common-3.0.7-2.1.101mdk.i586.rpm
 06775da91feeec4d306ff5450a5d1f94  10.1/RPMS/samba-doc-3.0.7-2.1.101mdk.i586.rpm
 4556886aa48f5019029664f106d10ee0  10.1/RPMS/samba-passdb-mysql-3.0.7-2.1.101mdk.i586.rpm
 629e406c3a603ba16d9ee84a1b335b22  10.1/RPMS/samba-passdb-pgsql-3.0.7-2.1.101mdk.i586.rpm
 5d56f944f6d6de27412d040398fe1cc8  10.1/RPMS/samba-passdb-xml-3.0.7-2.1.101mdk.i586.rpm
 ba16fff1d2eb9a7656ff894933a608fd  10.1/RPMS/samba-server-3.0.7-2.1.101mdk.i586.rpm
 00e1439e77dab509297d7731a742fd7e  10.1/RPMS/samba-swat-3.0.7-2.1.101mdk.i586.rpm
 f84b9b4b33dbc5bf6c2f0988db483397  10.1/RPMS/samba-vscan-clamav-3.0.7-2.1.101mdk.i586.rpm
 896444e099a2f76921bb759a444bca7d  10.1/RPMS/samba-vscan-icap-3.0.7-2.1.101mdk.i586.rpm
 ff6edefa89b6ffae6ade0c9d29bc5c0f  10.1/RPMS/samba-winbind-3.0.7-2.1.101mdk.i586.rpm
 6af4ba75f6dceeb9f59593f7eb6eadba  10.1/SRPMS/samba-3.0.7-2.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 d4bd53b5357a048df4df87a28a35605f  x86_64/10.1/RPMS/lib64smbclient0-3.0.7-2.1.101mdk.x86_64.rpm
 25bd817806f9b87b2eecf422871276eb  x86_64/10.1/RPMS/lib64smbclient0-devel-3.0.7-2.1.101mdk.x86_64.rpm
 0f30be16cf3b6b91119d818cebc015a0  x86_64/10.1/RPMS/lib64smbclient0-static-devel-3.0.7-2.1.101mdk.x86_64.rpm
 e0af7cbd659288278c83f11681ea23f6  x86_64/10.1/RPMS/nss_wins-3.0.7-2.1.101mdk.x86_64.rpm
 8598ae6169bf34f8f94280e86e3e7158  x86_64/10.1/RPMS/samba-client-3.0.7-2.1.101mdk.x86_64.rpm
 21583612543254f59f1497f31ebdd452  x86_64/10.1/RPMS/samba-common-3.0.7-2.1.101mdk.x86_64.rpm
 ef742a2f8e90f6b28199b7d7f401d360  x86_64/10.1/RPMS/samba-doc-3.0.7-2.1.101mdk.x86_64.rpm
 3e075b3a310f7b2734b31e475d1ed38a  x86_64/10.1/RPMS/samba-passdb-mysql-3.0.7-2.1.101mdk.x86_64.rpm
 3157d958ac5dfa1d9d6e0414cd6ba4c2  x86_64/10.1/RPMS/samba-passdb-pgsql-3.0.7-2.1.101mdk.x86_64.rpm
 29ca763736331a93876f43a80ba38508  x86_64/10.1/RPMS/samba-passdb-xml-3.0.7-2.1.101mdk.x86_64.rpm
 8eb60d9846b1fc279c7a93c9fee1076c  x86_64/10.1/RPMS/samba-server-3.0.7-2.1.101mdk.x86_64.rpm
 d8bf4040f0821c196108dd19f3b64035  x86_64/10.1/RPMS/samba-swat-3.0.7-2.1.101mdk.x86_64.rpm
 a4912224c8872ab97e3afb2ca93caa6e  x86_64/10.1/RPMS/samba-vscan-clamav-3.0.7-2.1.101mdk.x86_64.rpm
 1e93b617f178801979e3a7240437ac92  x86_64/10.1/RPMS/samba-vscan-icap-3.0.7-2.1.101mdk.x86_64.rpm
 6b76d20975f5f8d6a1c4f39cd58becca  x86_64/10.1/RPMS/samba-winbind-3.0.7-2.1.101mdk.x86_64.rpm
 6af4ba75f6dceeb9f59593f7eb6eadba  x86_64/10.1/SRPMS/samba-3.0.7-2.1.101mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBkre5mqjQ0CJFipgRAvsMAJ9vXHa3Ycai29cSPdlFzNfJJ/533ACfd/HZ
ne9mF4TcnnSa/5VZwrhG1Bw=
=TWvI
-----END PGP SIGNATURE-----


------------=_1100135359-1263-3798
Content-Type: text/plain; name="message.footer"
Content-Disposition: inline; filename="message.footer"
Content-Transfer-Encoding: 8bit

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

------------=_1100135359-1263-3798--

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC