Vulnerability Bulletins |
Denial of Service in the Samba smbd server |
|
Vulnerability classification
|
Property | Value |
Confidence level | Official |
Impact | Denial of Service |
Difficulty | Advanced |
Attacker requirements | Remote access, without an account, to a standard service |
System information |
|
Property | Value |
Affected vendor | GNU/Linux |
Affected software | Samba 3.0.x, up to and including 3.0.6 |
Description |
|
A vulnerability has been discovered in the smbd server of Samba 3.0.x, versions up to and including 3.0.6. The flaw lies in ASN.1 parsing and lets a remote, unauthenticated attacker send multiple malformed requests that exhaust system resources: smbd starts a new process for each request, and a malformed request sends that process into an infinite loop, so a stream of such requests can result in a denial of service on the system. |
|
Solution
|
Software update

Samba
  Samba 3.0.5 - Patch: http://download.samba.org/samba/ftp/patches/security/

Mandrake Linux
  Mandrakelinux 10.0 x86:
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-devel-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-static-devel-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/nss_wins-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-client-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-common-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-doc-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-passdb-mysql-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-passdb-pgsql-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-passdb-xml-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-server-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-swat-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-winbind-3.0.6-4.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/samba-3.0.6-4.1.100mdk.src.rpm
  Mandrakelinux 10.0 AMD64:
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64smbclient0-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64smbclient0-devel-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64smbclient0-static-devel-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/nss_wins-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-client-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-common-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-doc-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-passdb-mysql-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-passdb-pgsql-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-passdb-xml-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-server-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-swat-3.0.6-4.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-winbind-3.0.6-4.1.100mdk.amd64.rpm

Red Hat Linux (packages via https://rhn.redhat.com/)
  Red Hat Desktop (v. 3)
    AMD64: samba-3.0.7-1.3E.x86_64.rpm, samba-client-3.0.7-1.3E.x86_64.rpm, samba-common-3.0.7-1.3E.x86_64.rpm, samba-swat-3.0.7-1.3E.x86_64.rpm
    SRPMS: samba-3.0.7-1.3E.src.rpm
    i386: samba-3.0.7-1.3E.i386.rpm, samba-client-3.0.7-1.3E.i386.rpm, samba-common-3.0.7-1.3E.i386.rpm, samba-swat-3.0.7-1.3E.i386.rpm
  Red Hat Enterprise Linux AS (v. 3)
    AMD64: samba-3.0.7-1.3E.x86_64.rpm, samba-client-3.0.7-1.3E.x86_64.rpm, samba-common-3.0.7-1.3E.x86_64.rpm, samba-swat-3.0.7-1.3E.x86_64.rpm
    SRPMS: samba-3.0.7-1.3E.src.rpm
    i386: samba-3.0.7-1.3E.i386.rpm, samba-client-3.0.7-1.3E.i386.rpm, samba-common-3.0.7-1.3E.i386.rpm, samba-swat-3.0.7-1.3E.i386.rpm
    ia64: samba-3.0.7-1.3E.ia64.rpm, samba-client-3.0.7-1.3E.ia64.rpm, samba-common-3.0.7-1.3E.ia64.rpm, samba-swat-3.0.7-1.3E.ia64.rpm
    ppc: samba-3.0.7-1.3E.ppc.rpm, samba-client-3.0.7-1.3E.ppc.rpm, samba-common-3.0.7-1.3E.ppc.rpm, samba-swat-3.0.7-1.3E.ppc.rpm
    s390: samba-3.0.7-1.3E.s390.rpm, samba-client-3.0.7-1.3E.s390.rpm, samba-common-3.0.7-1.3E.s390.rpm, samba-swat-3.0.7-1.3E.s390.rpm
    s390x: samba-3.0.7-1.3E.s390x.rpm, samba-client-3.0.7-1.3E.s390x.rpm, samba-common-3.0.7-1.3E.s390x.rpm, samba-swat-3.0.7-1.3E.s390x.rpm
  Red Hat Enterprise Linux ES (v. 3)
    AMD64: samba-3.0.7-1.3E.x86_64.rpm, samba-client-3.0.7-1.3E.x86_64.rpm, samba-common-3.0.7-1.3E.x86_64.rpm, samba-swat-3.0.7-1.3E.x86_64.rpm
    SRPMS: samba-3.0.7-1.3E.src.rpm
    i386: samba-3.0.7-1.3E.i386.rpm, samba-client-3.0.7-1.3E.i386.rpm, samba-common-3.0.7-1.3E.i386.rpm, samba-swat-3.0.7-1.3E.i386.rpm
    ia64: samba-3.0.7-1.3E.ia64.rpm, samba-client-3.0.7-1.3E.ia64.rpm, samba-common-3.0.7-1.3E.ia64.rpm, samba-swat-3.0.7-1.3E.ia64.rpm
  Red Hat Enterprise Linux WS (v. 3)
    AMD64: samba-3.0.7-1.3E.x86_64.rpm, samba-client-3.0.7-1.3E.x86_64.rpm, samba-common-3.0.7-1.3E.x86_64.rpm, samba-swat-3.0.7-1.3E.x86_64.rpm
    SRPMS: samba-3.0.7-1.3E.src.rpm
    i386: samba-3.0.7-1.3E.i386.rpm, samba-client-3.0.7-1.3E.i386.rpm, samba-common-3.0.7-1.3E.i386.rpm, samba-swat-3.0.7-1.3E.i386.rpm
    ia64: samba-3.0.7-1.3E.ia64.rpm, samba-client-3.0.7-1.3E.ia64.rpm, samba-common-3.0.7-1.3E.ia64.rpm, samba-swat-3.0.7-1.3E.ia64.rpm

IRIX
  IRIX 6.5.22, 6.5.23, 6.5.24, 6.5.25, 6.5.26 - Install patch 5798: ftp://patches.sgi.com/ |
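The fixed packages above show why a plain version comparison is not enough when auditing for this bulletin: Red Hat moves to 3.0.7, but Mandrakelinux ships the fix as a backport that still reports version 3.0.6, and a source tree patched with the 3.0.5 patch still reports 3.0.5. The script below is an added example, not code from the bulletin or from the Samba project: it triages inventory lines (RPM file names or raw `smbd -V` output) against the affected range, treating the known backport release as fixed. The affected range (3.0.x up to 3.0.6) and the two vendor release strings come from the bulletin; the inventory lines, the `KNOWN_BACKPORTS` table and all function names are constructed for the example.

```python
"""Triage Samba version strings against the range affected by CAN-2004-0807
(Samba 3.0.0 through 3.0.6; fixed upstream in 3.0.7).

Added example, not code from the bulletin or the Samba project. The
affected range and the vendor release strings in KNOWN_BACKPORTS are taken
from the bulletin; the inventory lines and function names are constructed.
"""
import re
from typing import Dict, Iterable, List, Optional, Tuple

AFFECTED_MAX = (3, 0, 6)          # last affected release named in the bulletin

# Vendor builds that keep an "affected" upstream version number but carry the
# fix as a backport. A version-only check would misreport these as vulnerable.
KNOWN_BACKPORTS = {
    ("3.0.6", "4.1.100mdk"),      # Mandrakelinux 10.0 update, MDKSA-2004:092
}

AFFECTED, FIXED, OUT_OF_SCOPE, UNKNOWN = "affected", "fixed", "out-of-scope", "unknown"

# RPM file names are name-version-release.arch.rpm; the name may contain hyphens,
# so the greedy name group backtracks until a digits-only version field matches.
_RPM_RE = re.compile(r"^(.+)-(\d+(?:\.\d+)*)-([^-]+)\.([A-Za-z0-9_]+)\.rpm$")
_VER_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_rpm_name(name: str) -> Optional[Tuple[str, str, str, str]]:
    """Split an RPM file name into (name, version, release, arch), or None."""
    m = _RPM_RE.match(name.strip())
    return m.groups() if m else None


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract the first x.y.z triple, e.g. from 'Version 3.0.6' (smbd -V)."""
    m = _VER_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(line: str) -> str:
    """Classify one inventory line: an RPM file name or raw `smbd -V` output."""
    rpm = parse_rpm_name(line)
    if rpm is not None:
        _, version, release, _ = rpm
        if (version, release) in KNOWN_BACKPORTS:
            return FIXED
        ver = parse_version(version)
    else:
        ver = parse_version(line)
    if ver is None:
        return UNKNOWN
    if ver[:2] != (3, 0):
        return OUT_OF_SCOPE          # the bulletin covers 3.0.x only
    return AFFECTED if ver <= AFFECTED_MAX else FIXED


def audit(lines: Iterable[str]) -> Dict[str, List[str]]:
    """Group inventory lines by verdict."""
    report: Dict[str, List[str]] = {AFFECTED: [], FIXED: [], OUT_OF_SCOPE: [], UNKNOWN: []}
    for line in lines:
        report[classify(line)].append(line.strip())
    return report


# Constructed inventory: one line per host, as collected with `smbd -V` or
# `rpm -q samba --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}.rpm\n'`.
SAMPLE_INVENTORY = [
    "Version 3.0.5",                              # unpatched upstream build
    "samba-server-3.0.6-4.1.100mdk.i586.rpm",     # Mandrake backport: fixed
    "samba-3.0.6-1.i386.rpm",                     # plain 3.0.6 build: affected
    "samba-3.0.7-1.3E.x86_64.rpm",                # RHEL 3 update: fixed
    "Version 2.2.12",                             # not a 3.0.x release
    "smbd: command not found",                    # nothing to parse
]

if __name__ == "__main__":
    for verdict, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{verdict:>12}: {hosts}")
```

On RPM-based systems the package query is the authoritative input: a bare `smbd -V` line cannot tell a backported 3.0.6 from an unpatched one, and a self-built server patched from the Samba patch directory keeps reporting its original version, so such hosts have to be tracked by their patch state rather than by this check.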
|
Standard identifiers
|
Property | Value |
CVE | CAN-2004-0807 |
BID | |
Additional resources
|
Samba announce: Samba 3.0.x Denial of Service Flaw - http://us1.samba.org/samba/history/3.0_DOS_sept04_announce.txt
iDEFENSE Security Advisory 09.13.04b - http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
Mandrakesoft Security Advisory MDKSA-2004:092 - http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:092
Red Hat Security Advisory RHSA-2004:467-04 - https://rhn.redhat.com/errata/RHSA-2004-467.html
SGI Security Advisory 20041201-01-P - ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P.asc |
Version history

Version | Comment | Date |
1.0 | Advisory issued | 2004-09-14 |
1.1 | Advisory issued by Red Hat (RHSA-2004:467-04) | 2004-09-23 |
1.2 | Advisory issued by SGI (20041201-01-P) | 2004-12-10 |