int(1059)

Boletines de Vulnerabilidades


Acceso no autorizado a archivos en Samba

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Aumento de la visibilidad
Dificultad Avanzado
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado Samba 2.2.x <= 2.2.11
Samba 3.0.x <= 3.0.2a

Descripción

Se ha descubierto una vulnerabilidad en la versión 2.2.11 y anteriores de la rama 2.2.x de Samba y en la versión 3.0.2a y anteriores de la rama 3.0.x de Samba.

La vulnerabilidad reside en un error de validación de entrada en las rutinas encargadas de convertir los nombres de rutas DOS a nombres de rutas UNIX.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto saltarse las restricciones de recursos compartidos especificadas y obtener acceso de lectura y escritura a archivos y directorios de todo el sistema, con los privilegios del usuario conectado al servidor Samba.

Solución

Si lo desea, aplique los mecanismos de actualización propios de su sistema, o bien descargue las fuentes del software y compílelo usted mismo.


Actualización de software

Samba

Samba 2.2.x
Actualice a Samba 2.2.12
http://us1.samba.org/samba/ftp/samba-2.2.12.tar.gz

Samba 3.0.x
Actualice a Samba 3.0.6 o superior
http://us1.samba.org/samba/ftp/samba-latest.tar.gz

Mandrake Linux

Mandrakelinux 9.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-devel-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-static-devel-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/nss_wins-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-client-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-common-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-debug-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-doc-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-server-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-swat-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-winbind-2.2.8a-13.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/samba-2.2.8a-13.3.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64smbclient0-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64smbclient0-devel-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64smbclient0-static-devel-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/nss_wins-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-client-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-common-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-debug-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-doc-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-server-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-swat-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-winbind-2.2.8a-13.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/samba-2.2.8a-13.3.92mdk.src.rpm

Corporate Server 2.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/nss_wins-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-client-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-common-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-doc-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-server-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-swat-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-winbind-2.2.7a-10.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/samba-2.2.7a-10.3.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/nss_wins-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-client-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-common-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-doc-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-server-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-swat-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-winbind-2.2.7a-10.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/samba-2.2.7a-10.3.C21mdk.src.rpm

Red Hat Linux

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS
samba-2.2.12-1.21as.src.rpm
i386
samba-2.2.12-1.21as.i386.rpm
samba-client-2.2.12-1.21as.i386.rpm
samba-common-2.2.12-1.21as.i386.rpm
samba-swat-2.2.12-1.21as.i386.rpm
ia64
samba-2.2.12-1.21as.ia64.rpm
samba-client-2.2.12-1.21as.ia64.rpm
samba-common-2.2.12-1.21as.ia64.rpm
samba-swat-2.2.12-1.21as.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 2.1)
SRPMS
samba-2.2.12-1.21as.src.rpm
i386
samba-2.2.12-1.21as.i386.rpm
samba-client-2.2.12-1.21as.i386.rpm
samba-common-2.2.12-1.21as.i386.rpm
samba-swat-2.2.12-1.21as.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 2.1)
SRPMS
samba-2.2.12-1.21as.src.rpm
i386
samba-2.2.12-1.21as.i386.rpm
samba-client-2.2.12-1.21as.i386.rpm
samba-common-2.2.12-1.21as.i386.rpm
samba-swat-2.2.12-1.21as.i386.rpm
https://rhn.redhat.com/

Red Hat Linux Advanced Workstation 2.1 Itanium Processor
SRPMS
samba-2.2.12-1.21as.src.rpm
ia64
samba-2.2.12-1.21as.ia64.rpm
samba-client-2.2.12-1.21as.ia64.rpm
samba-common-2.2.12-1.21as.ia64.rpm
samba-swat-2.2.12-1.21as.ia64.rpm
https://rhn.redhat.com/

SUSE Linux

SUSE Linux 9.0
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-226.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-226.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/samba-2.2.8a-226.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-226.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-226.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/samba-2.2.8a-226.src.rpm

SUSE Linux 8.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-225.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-225.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/samba-2.2.8a-225.src.rpm

SUSE Linux 8.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-224.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-224.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/samba-2.2.8a-224.src.rpm

Debian Linux

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1.dsc
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1.diff.gz
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-14.1_all.deb
Alpha
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_alpha.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_alpha.deb
ARM
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_arm.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_i386.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_ia64.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_hppa.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_m68k.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_mips.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_mipsel.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_powerpc.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_s390.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_sparc.deb
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_sparc.deb

HP

HP-UX B.11.00
Actualizar CIFS-Server a una versión >=A.01.11.03
http://software.hp.com/

HP-UX B.11.11
Actualizar CIFS-Server a una versión >=A.01.11.03
http://software.hp.com/

HP-UX B.11.22
Actualizar CIFS-Server a una versión >=A.01.11.03
http://software.hp.com/

HP-UX B.11.23
Actualizar CIFS-Server a una versión >=A.01.11.03
http://software.hp.com/

HP MPE/iX
MPE/iX 6.5 - Instalar Parche SMBMXR5A
MPE/iX 7.0 - Instalar Parche SMBMXR5B
MPE/iX 7.5 - Instalar Parche SMBMXR5C
http://itrc.hp.com/

Sun

Solaris 9
SPARC - Parche 114684-03
x86 - Parche 114685-03
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Solaris 10
SPARC - Parche 119757-01
x86 - Parche 119758-01
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0815
BID

Recursos adicionales

iDEFENSE Security Advisory
http://www.idefense.com/application/poi/display?id=146&type=vulnerabilities&flashstatus=true

Samba Security Notice
http://us1.samba.org/samba/news/#security_2.2.12

Mandrakesoft Security Advisory MDKSA-2004:104
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:104

Red Hat Security Advisory RHSA-2004:498-04
https://rhn.redhat.com/errata/RHSA-2004-498.html

SUSE Security Announcement SUSE-SA:2004:035
http://www.suse.de/de/security/2004_35_samba.html

Debian Security Advisory DSA 600-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00164.html

HP SECURITY BULLETIN HPSBUX01086
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01086

HP SECURITY BULLETIN HPSBMP01089
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP01089

Sun(sm) Alert Notification 101584
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101584-1

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2004-10-01
1.1 Aviso emitido por Mandrake (MDKSA-2004:104) 2004-10-04
1.2 Aviso emitido por Red Hat (RHSA-2004:498-04) 2004-10-05
2.0 Solo versión 3.0.2a y anteriores de la rama 3.0.x son vulnerables. Aviso emitido por SuSE (SUSE-SA:2004:035). 2004-10-06
2.1 Aviso emitido por Debian (DSA 600-1) 2004-10-07
2.2 Aviso emitido por HP (HPSBUX01086) 2004-10-19
2.3 Aviso emitido por HP (HPSBMP01089) 2004-11-02
2.4 Aviso emitido por Sun (57664) 2005-01-10
2.5 Aviso actualizado por Sun (101584) 2005-06-14

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT