SecurityTracker.com
SecurityTracker Archives

Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
(Fedora Issues Fix for FC3) Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1012358
SecurityTracker URL:  http://securitytracker.com/id/1012358
CVE Reference:   CVE-2004-0930   (Links to External Site)
Date:  Nov 30 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 3.0 through 3.0.7
Description:   An input validation vulnerability was reported in Samba. A remote authenticated user may be able to cause denial of service conditions.

The vendor reported that there is a flaw in the matching of filenames containing wildcard characters. A remote user can cause the target smbd process to consume excessive CPU resources and, in some cases, cause the system to stop responding.

The vendor credits iDEFENSE with reporting this flaw.

iDEFENSE reported that the flaw resides in the ms_fnmatch() function and can be triggered by sending a command whose filename argument contains many consecutive asterisk characters, such as the following client command:

dir ***********************************************z

Impact:   A remote authenticated user can cause excessive CPU consumption on the target system, potentially causing the system to become unresponsive.
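The following is an added illustration of the bug class behind this advisory; it is not Samba's ms_fnmatch() code and does not reproduce Samba's fix. It pairs a deliberately simplified wildcard matcher (only '*' and '?', case-sensitive, whereas Samba's real matcher also understands the DOS wildcards '<', '>' and '"' and is case-insensitive) in its naive backtracking form with a memoised form, and counts recursive calls for patterns of k asterisks followed by 'z' against a constructed 20-character name that contains no 'z', in the spirit of the "dir ****...z" trigger above. All names, the NAME20 sample and the call-count functions are assumptions made for this example.

```c
/* Added illustration for the CVE-2004-0930 bug class; NOT Samba's ms_fnmatch().
 * naive_rec() tries every way to split the name across each '*', so "******z"
 * against a name with no 'z' costs exponentially many calls. memo_rec() records
 * (pattern offset, name offset) states already proven to fail, which bounds the
 * work by (pattern length + 1) * (name length + 1) states. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed 20-character file name containing no 'z' (sample input). */
#define NAME20 "aaaaa" "aaaaa" "aaaaa" "aaaaa"

/* Naive matcher: '*' = any run (possibly empty), '?' = exactly one character. */
static bool naive_rec(const char *p, const char *s, unsigned long *steps)
{
    (*steps)++;
    if (*p == '\0')
        return *s == '\0';
    if (*p == '*') {
        size_t rem = strlen(s);
        for (size_t i = 0; i <= rem; i++)   /* each nested '*' multiplies this */
            if (naive_rec(p + 1, s + i, steps))
                return true;
        return false;
    }
    if (*s == '\0')
        return false;
    return (*p == '?' || *p == *s) && naive_rec(p + 1, s + 1, steps);
}

struct memo {
    const char *p0, *s0;      /* start of pattern and of name */
    size_t slen;
    unsigned char *failed;    /* (plen+1) x (slen+1) table of known failures */
    unsigned long steps;
};

/* Same semantics as naive_rec(), but a failed state is never re-explored. */
static bool memo_rec(struct memo *m, const char *p, const char *s)
{
    size_t pi = (size_t)(p - m->p0), si = (size_t)(s - m->s0);
    unsigned char *cell = &m->failed[pi * (m->slen + 1) + si];
    if (*cell)
        return false;         /* already proven not to match */
    m->steps++;
    bool ok = false;
    if (*p == '\0') {
        ok = (*s == '\0');
    } else if (*p == '*') {
        for (size_t i = 0; si + i <= m->slen && !ok; i++)
            ok = memo_rec(m, p + 1, s + i);
    } else if (*s != '\0' && (*p == '?' || *p == *s)) {
        ok = memo_rec(m, p + 1, s + 1);
    }
    if (!ok)
        *cell = 1;
    return ok;
}

static bool memo_run(const char *pat, const char *str, unsigned long *steps)
{
    struct memo m = { pat, str, strlen(str), NULL, 0 };
    m.failed = calloc((strlen(pat) + 1) * (m.slen + 1), 1);
    if (!m.failed)
        abort();
    bool ok = memo_rec(&m, pat, str);
    free(m.failed);
    if (steps)
        *steps = m.steps;
    return ok;
}

/* Public wrappers: match result, or number of recursive calls made. */
bool naive_matches(const char *pat, const char *str)
{
    unsigned long n = 0;
    return naive_rec(pat, str, &n);
}
unsigned long naive_cost(const char *pat, const char *str)
{
    unsigned long n = 0;
    naive_rec(pat, str, &n);
    return n;
}
bool memo_matches(const char *pat, const char *str) { return memo_run(pat, str, NULL); }
unsigned long memo_cost(const char *pat, const char *str)
{
    unsigned long n = 0;
    memo_run(pat, str, &n);
    return n;
}

int main(void)
{
    char pat[16];             /* k asterisks followed by 'z', k = 1..8 */
    for (int k = 1; k <= 8; k++) {
        memset(pat, '*', (size_t)k);
        pat[k] = 'z';
        pat[k + 1] = '\0';
        printf("%-10s naive=%9lu calls  memo=%4lu calls\n", pat,
               naive_cost(pat, NAME20), memo_cost(pat, NAME20));
    }
    return 0;
}
```

For this input the naive call count is the sum of C(20+i, i) for i = 0..k, so "***z" costs 2024 calls and "******z" costs 296010, while the memoised form never exceeds the 8 x 21 state table (148 calls here). Collapsing runs of consecutive asterisks would defeat this exact trigger but not variants such as "*a*a*a*a*z", so bounding re-exploration of failed states is the more robust defence; the table costs (plen+1)*(slen+1) bytes, which SMB name-length limits keep small.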
Solution:   Fedora has released a fix, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

d254ddf57e6fd0ebeb0e0dc8aa2a5ac2 SRPMS/samba-3.0.9-1.fc3.src.rpm
fd6e5d1bd9d1ca5f023396884b795389 x86_64/samba-3.0.9-1.fc3.x86_64.rpm
18a20384b1aaed6c72b1894a986644a9 x86_64/samba-client-3.0.9-1.fc3.x86_64.rpm
c7f95e47ffb456b08a7e8a146a7f5ff4 x86_64/samba-common-3.0.9-1.fc3.x86_64.rpm
c30dd1bed208b5ff60ce2a953b56b32f x86_64/samba-swat-3.0.9-1.fc3.x86_64.rpm
f245d6faff2da4736fa292629abfc378 x86_64/debug/samba-debuginfo-3.0.9-1.fc3.x86_64.rpm
6389442760fcf4f69e7085d62292fd32 x86_64/samba-common-3.0.9-1.fc3.i386.rpm
bd54457ee99bcbfb5e36d194363c959c i386/samba-3.0.9-1.fc3.i386.rpm
300e28632cdc1712dfb39ecf405e2049 i386/samba-client-3.0.9-1.fc3.i386.rpm
6389442760fcf4f69e7085d62292fd32 i386/samba-common-3.0.9-1.fc3.i386.rpm
cb09ddf548381c1e4b3fbf6c86212e7b i386/samba-swat-3.0.9-1.fc3.i386.rpm
b948a78e6376f3620be26ac9161fe95e i386/debug/samba-debuginfo-3.0.9-1.fc3.i386.rpm

Vendor URL:  www.samba.org/ (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:  Linux (Red Hat Fedora)
Underlying OS Comments:  FC3

Message History:   This archive entry is a follow-up to the message listed below.
Nov 8 2004 Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service



 Source Message Contents

Subject:  [SECURITY] Fedora Core 3 Update: samba-3.0.9-1.fc3



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-460
2004-11-29
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : samba
Version     : 3.0.9                      
Release     : 1.fc3                  
Summary     : The Samba SMB server.
Description :
Samba is the protocol by which a lot of PC-related machines share
files, printers, and other information (such as lists of available
files and printers). The Windows NT, OS/2, and Linux operating systems
support this natively, and add-on packages can enable the same thing
for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package
provides an SMB server that can be used to provide network services to
SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over
TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw
NetBIOS frame) protocol.

---------------------------------------------------------------------
Update Information:

This update closes two security holes: CAN-2004-0882 and CAN-2004-0930.

---------------------------------------------------------------------
* Mon Nov 22 2004 Jay Fenlason <fenlason@redhat.com> 3.0.9-1.fc3

- Upgrade to 3.0.9, which fixes problems with 3.0.8
  (From the release notes:)
  o Problem updating roaming user profiles.
  o Crash in smbd when printing from a Windows 9x client.
  o Unresolved symbols in libsmbclient which caused 
    applications such as KDE's konqueror to fail when
    accessing smb:// URLs.
- Backport fixes for #134694, #76628, #76641
- Remove the hack needed for the bad doc files in the 3.0.8 tarball.
- Include the install.mount.smbfs patch.
- Remove obsolete triggers from this spec file.

* Tue Nov 09 2004 Jay Fenlason <fenlason@redhat.com> 3.0.8-1.fc3

- New upstream release fixes CAN-2004-0930
  This obsoletes the disable-sendfile, salt, signing-shortkey and fqdn patches.
- Updated pie and logfiles patches for 3.0.8
- Include the corrected docs tarball, and use it instead of the obsolete
  docs from the upstream 3.0.8 tarballs.


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

d254ddf57e6fd0ebeb0e0dc8aa2a5ac2  SRPMS/samba-3.0.9-1.fc3.src.rpm
fd6e5d1bd9d1ca5f023396884b795389  x86_64/samba-3.0.9-1.fc3.x86_64.rpm
18a20384b1aaed6c72b1894a986644a9  x86_64/samba-client-3.0.9-1.fc3.x86_64.rpm
c7f95e47ffb456b08a7e8a146a7f5ff4  x86_64/samba-common-3.0.9-1.fc3.x86_64.rpm
c30dd1bed208b5ff60ce2a953b56b32f  x86_64/samba-swat-3.0.9-1.fc3.x86_64.rpm
f245d6faff2da4736fa292629abfc378  x86_64/debug/samba-debuginfo-3.0.9-1.fc3.x86_64.rpm
6389442760fcf4f69e7085d62292fd32  x86_64/samba-common-3.0.9-1.fc3.i386.rpm
bd54457ee99bcbfb5e36d194363c959c  i386/samba-3.0.9-1.fc3.i386.rpm
300e28632cdc1712dfb39ecf405e2049  i386/samba-client-3.0.9-1.fc3.i386.rpm
6389442760fcf4f69e7085d62292fd32  i386/samba-common-3.0.9-1.fc3.i386.rpm
cb09ddf548381c1e4b3fbf6c86212e7b  i386/samba-swat-3.0.9-1.fc3.i386.rpm
b948a78e6376f3620be26ac9161fe95e  i386/debug/samba-debuginfo-3.0.9-1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list


Copyright 2019, SecurityGlobal.net LLC