Samba regression

ID USN-460-2
Type ubuntu
Reporter Ubuntu
Modified 2007-05-22T00:00:00


USN-460-1 fixed several vulnerabilities in Samba. The upstream changes for CVE-2007-2444 had an unexpected side-effect in Feisty. Shares configured with the “force group” option no longer behaved correctly.
This update corrects the problem. We apologize for the inconvenience.

Original advisory details:

Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. (CVE-2007-2444)