[SECURITY] [DSA 2175-1] samba security update

2011-02-2823:15:23

lists.debian.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.6%

JSON

Debian Security Advisory DSA-2175-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
February 28, 2011 http://www.debian.org/security/faq

Package : samba
Vulnerability : missing input sanisiting
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0719

Volker Lendecke discovered that missing range checks in Samba's file
descriptor handling could lead to memory corruption, resulting in denial
of service.

For the oldstable distribution (lenny), this problem has been fixed in
version 3.2.5-4lenny14.

For the stable distribution (squeeze), this problem has been fixed in
version 3.5.6~dfsg-3squeeze2.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your samba packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian5sparcsmbclient< 2:3.2.5-4lenny14smbclient_2:3.2.5-4lenny14_sparc.deb
Debian6ia64libwbclient0< 2:3.5.6~dfsg-3squeeze2libwbclient0_2:3.5.6~dfsg-3squeeze2_ia64.deb
Debian5ia64samba-dbg< 2:3.2.5-4lenny14samba-dbg_2:3.2.5-4lenny14_ia64.deb
Debian5alphalibsmbclient< 2:3.2.5-4lenny14libsmbclient_2:3.2.5-4lenny14_alpha.deb
Debian5mipselsamba-tools< 2:3.2.5-4lenny14samba-tools_2:3.2.5-4lenny14_mipsel.deb
Debian6amd64libwbclient0< 2:3.5.6~dfsg-3squeeze2libwbclient0_2:3.5.6~dfsg-3squeeze2_amd64.deb
Debian6i386libwbclient0< 2:3.5.6~dfsg-3squeeze2libwbclient0_2:3.5.6~dfsg-3squeeze2_i386.deb
Debian5hppalibwbclient0< 2:3.2.5-4lenny14libwbclient0_2:3.2.5-4lenny14_hppa.deb
Debian5mipssamba< 2:3.2.5-4lenny14samba_2:3.2.5-4lenny14_mips.deb
Debian5ia64swat< 2:3.2.5-4lenny14swat_2:3.2.5-4lenny14_ia64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	5	sparc	smbclient	< 2:3.2.5-4lenny14	smbclient_2:3.2.5-4lenny14_sparc.deb
Debian	6	ia64	libwbclient0	< 2:3.5.6~dfsg-3squeeze2	libwbclient0_2:3.5.6~dfsg-3squeeze2_ia64.deb
Debian	5	ia64	samba-dbg	< 2:3.2.5-4lenny14	samba-dbg_2:3.2.5-4lenny14_ia64.deb
Debian	5	alpha	libsmbclient	< 2:3.2.5-4lenny14	libsmbclient_2:3.2.5-4lenny14_alpha.deb
Debian	5	mipsel	samba-tools	< 2:3.2.5-4lenny14	samba-tools_2:3.2.5-4lenny14_mipsel.deb
Debian	6	amd64	libwbclient0	< 2:3.5.6~dfsg-3squeeze2	libwbclient0_2:3.5.6~dfsg-3squeeze2_amd64.deb
Debian	6	i386	libwbclient0	< 2:3.5.6~dfsg-3squeeze2	libwbclient0_2:3.5.6~dfsg-3squeeze2_i386.deb
Debian	5	hppa	libwbclient0	< 2:3.2.5-4lenny14	libwbclient0_2:3.2.5-4lenny14_hppa.deb
Debian	5	mips	samba	< 2:3.2.5-4lenny14	samba_2:3.2.5-4lenny14_mips.deb
Debian	5	ia64	swat	< 2:3.2.5-4lenny14	swat_2:3.2.5-4lenny14_ia64.deb