Vulnerability Bulletins |
Vulnerabilidad de desbordamiento de búfer en Samba |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Avanzado |
Required attacker level | Acceso remoto con cuenta |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software | Samba 3.0.x <= 3.0.7 |
Description |
|
Se ha encontrado un problema en el manejo de las cadenas Unicode dentro del procesado de archivos de Samba lo cual podría causar un desbordamiento de búfer que permitiría a un atacante remoto insertar código arbitrario en el proceso smbd. | |
Solution |
|
Actualización de software SUSE x86: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/samba-3.0.7-5.2.i586.rpm patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/samba-3.0.7-5.2.i586.patch.rpm source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/samba-3.0.7-5.2.src.rpm SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.34.3.i586.rpm patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.34.3.i586.patch.rpm source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/samba-3.0.4-1.34.3.src.rpm x86-64: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/samba-3.0.7-5.2.x86_64.rpm patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/samba-3.0.7-5.2.x86_64.patch.rpm source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/src/samba-3.0.7-5.2.src.rpm SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-3.0.4-1.34.3.x86_64.rpm patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-3.0.4-1.34.3.x86_64.patch.rpm source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/samba-3.0.4-1.34.3.src.rpm |
|
Standar resources |
|
Property | Value |
CVE | CAN-2004-0882 |
BID | |
Other resources |
|
SUSE Security Announcement (SUSE-SA:2004:040) http://www.suse.de/de/security/2004_40_samba.html |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2004-11-15 |