int(939)

Boletines de Vulnerabilidades


Vulnerabilidad de desbordamiento de búfer en Samba 2.2.x y Samba 3.0.x

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado Samba v2.2.x < v2.2.10
Samba v3.0.x < v3.0.5
HP CIFS Server A.01.11.02

Descripción

Se ha descubierto una vulnerabilidad de desbordamiento de búfer en las versiones 2.2.x menores que la 2.2.9 y versiones 3.0.x menores que la 3.0.x de Samba. La vulnerabilidad reside en el código que implementa la opción 'mangling method = hash'.

El impacto que podría llegar a tener la explotación de esta vulnerabilidad es por el momento desconocido.

Solución

Utilizar el valor 'hash2' para la opción 'mangling method' en el archivo smb.conf.

Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo.


Actualización de software

Samba
Samba 3.0.5
Samba 2.2.10
http://hostopia.samba.org/samba/ftp/

Mandrake Linux

Mandrakelinux 9.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/nss_wins-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-client-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-common-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-doc-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-server-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-swat-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/samba-winbind-2.2.7a-9.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/SRPMS/samba-2.2.7a-9.4.91mdk.src.rpm
PPC
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/nss_wins-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-client-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-common-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-doc-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-server-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-swat-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/samba-winbind-2.2.7a-9.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/SRPMS/samba-2.2.7a-9.4.91mdk.src.rpm

Mandrakelinux 9.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-devel-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsmbclient0-static-devel-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/nss_wins-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-client-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-common-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-debug-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-doc-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-server-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-swat-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/samba-winbind-2.2.8a-13.2.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/samba-2.2.8a-13.2.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/nss_wins-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-client-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-common-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-debug-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-doc-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-server-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-swat-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/samba-winbind-2.2.8a-13.2.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/samba-2.2.8a-13.2.92mdk.src.rpm

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-devel-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsmbclient0-static-devel-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/nss_wins-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-client-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-common-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-doc-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-passdb-mysql-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-passdb-xml-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-server-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-swat-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/samba-winbind-3.0.2a-3.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/samba-3.0.2a-3.2.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/nss_wins-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-client-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-common-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-doc-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-passdb-mysql-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-passdb-xml-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-server-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-swat-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/samba-winbind-3.0.2a-3.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/samba-3.0.2a-3.2.100mdk.src.rpm

Mandrake Multi Network Firewall 8.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/nss_wins-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-client-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-common-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-doc-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-server-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-swat-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/samba-winbind-2.2.7a-9.4.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/SRPMS/samba-2.2.7a-9.4.M82mdk.src.rpm

Mandrake Corporate Server 2.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/nss_wins-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-client-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-common-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-doc-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-server-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-swat-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/samba-winbind-2.2.7a-10.2.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/samba-2.2.7a-10.2.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/nss_wins-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-client-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-common-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-doc-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-server-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-swat-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/samba-winbind-2.2.7a-10.2.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/samba-2.2.7a-10.2.C21mdk.src.rpm

Red Hat Linux

Red Hat Desktop (v. 3)
AMD64
samba-3.0.4-6.3E.x86_64.rpm
samba-client-3.0.4-6.3E.x86_64.rpm
samba-common-3.0.4-6.3E.x86_64.rpm
samba-swat-3.0.4-6.3E.x86_64.rpm
SRPMS
samba-3.0.4-6.3E.src.rpm
i386
samba-3.0.4-6.3E.i386.rpm
samba-client-3.0.4-6.3E.i386.rpm
samba-common-3.0.4-6.3E.i386.rpm
samba-swat-3.0.4-6.3E.i386.rpm
samba-3.0.4-6.3E.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 3)
AMD64
samba-3.0.4-6.3E.x86_64.rpm
samba-client-3.0.4-6.3E.x86_64.rpm
samba-common-3.0.4-6.3E.x86_64.rpm
samba-swat-3.0.4-6.3E.x86_64.rpm
SRPMS
samba-3.0.4-6.3E.src.rpm
i386
samba-3.0.4-6.3E.i386.rpm
samba-client-3.0.4-6.3E.i386.rpm
samba-common-3.0.4-6.3E.i386.rpm
samba-swat-3.0.4-6.3E.i386.rpm
samba-3.0.4-6.3E.i386.rpm
ia64
samba-3.0.4-6.3E.ia64.rpm
samba-client-3.0.4-6.3E.ia64.rpm
samba-common-3.0.4-6.3E.ia64.rpm
samba-swat-3.0.4-6.3E.ia64.rpm
ppc
samba-3.0.4-6.3E.ppc.rpm
samba-client-3.0.4-6.3E.ppc.rpm
samba-common-3.0.4-6.3E.ppc.rpm
samba-swat-3.0.4-6.3E.ppc.rpm
ppc64
samba-3.0.4-6.3E.ppc64.rpm
s390
samba-3.0.4-6.3E.s390.rpm
samba-client-3.0.4-6.3E.s390.rpm
samba-common-3.0.4-6.3E.s390.rpm
samba-swat-3.0.4-6.3E.s390.rpm
samba-3.0.4-6.3E.s390.rpm
s390x
samba-3.0.4-6.3E.s390x.rpm
samba-client-3.0.4-6.3E.s390x.rpm
samba-common-3.0.4-6.3E.s390x.rpm
samba-swat-3.0.4-6.3E.s390x.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
AMD64
samba-3.0.4-6.3E.x86_64.rpm
samba-client-3.0.4-6.3E.x86_64.rpm
samba-common-3.0.4-6.3E.x86_64.rpm
samba-swat-3.0.4-6.3E.x86_64.rpm
SRPMS
samba-3.0.4-6.3E.src.rpm
i386
samba-3.0.4-6.3E.i386.rpm
samba-client-3.0.4-6.3E.i386.rpm
samba-common-3.0.4-6.3E.i386.rpm
samba-swat-3.0.4-6.3E.i386.rpm
samba-3.0.4-6.3E.i386.rpm
ia64
samba-3.0.4-6.3E.ia64.rpm
samba-client-3.0.4-6.3E.ia64.rpm
samba-common-3.0.4-6.3E.ia64.rpm
samba-swat-3.0.4-6.3E.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
AMD64
samba-3.0.4-6.3E.x86_64.rpm
samba-client-3.0.4-6.3E.x86_64.rpm
samba-common-3.0.4-6.3E.x86_64.rpm
samba-swat-3.0.4-6.3E.x86_64.rpm
SRPMS
samba-3.0.4-6.3E.src.rpm
i386
samba-3.0.4-6.3E.i386.rpm
samba-client-3.0.4-6.3E.i386.rpm
samba-common-3.0.4-6.3E.i386.rpm
samba-swat-3.0.4-6.3E.i386.rpm
samba-3.0.4-6.3E.i386.rpm
ia64
samba-3.0.4-6.3E.ia64.rpm
samba-client-3.0.4-6.3E.ia64.rpm
samba-common-3.0.4-6.3E.ia64.rpm
samba-swat-3.0.4-6.3E.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS
samba-2.2.10-1.21as.1.src.rpm
i386
samba-2.2.10-1.21as.1.i386.rpm
samba-client-2.2.10-1.21as.1.i386.rpm
samba-common-2.2.10-1.21as.1.i386.rpm
samba-swat-2.2.10-1.21as.1.i386.rpm
ia64
samba-2.2.10-1.21as.1.ia64.rpm
samba-client-2.2.10-1.21as.1.ia64.rpm
samba-common-2.2.10-1.21as.1.ia64.rpm
samba-swat-2.2.10-1.21as.1.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 2.1)
SRPMS
samba-2.2.10-1.21as.1.src.rpm
i386
samba-2.2.10-1.21as.1.i386.rpm
samba-client-2.2.10-1.21as.1.i386.rpm
samba-common-2.2.10-1.21as.1.i386.rpm
samba-swat-2.2.10-1.21as.1.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 2.1)
SRPMS
samba-2.2.10-1.21as.1.src.rpm
i386
samba-2.2.10-1.21as.1.i386.rpm
samba-client-2.2.10-1.21as.1.i386.rpm
samba-common-2.2.10-1.21as.1.i386.rpm
samba-swat-2.2.10-1.21as.1.i386.rpm
https://rhn.redhat.com/

Red Hat Linux Advanced Workstation 2.1 Itanium Processor
SRPMS
samba-2.2.10-1.21as.1.src.rpm
ia64
samba-2.2.10-1.21as.1.ia64.rpm
samba-client-2.2.10-1.21as.1.ia64.rpm
samba-common-2.2.10-1.21as.1.ia64.rpm
samba-swat-2.2.10-1.21as.1.ia64.rpm
https://rhn.redhat.com/

SUSE Linux

SUSE Linux 9.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-client-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-pdb-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-python-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-vscan-0.3.4-83.30.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-winbind-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-doc-3.0.4-1.12.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-devel-3.0.4-1.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-client-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-pdb-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-python-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-vscan-0.3.4-83.30.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-winbind-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-doc-3.0.4-1.12.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-devel-3.0.4-1.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/samba-3.0.4-1.27.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/samba-3.0.4-1.27.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-client-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-pdb-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-python-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-vscan-0.3.4-83.30.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-winbind-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-doc-3.0.4-1.12.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libsmbclient-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libsmbclient-devel-3.0.4-1.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-client-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-pdb-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-python-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-vscan-0.3.4-83.30.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-winbind-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/samba-doc-3.0.4-1.12.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libsmbclient-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libsmbclient-devel-3.0.4-1.27.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/samba-3.0.4-1.27.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/samba-3.0.4-1.27.src.rpm

SUSE Linux 9.0
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-client-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libsmbclient-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libsmbclient-devel-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-client-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libsmbclient-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libsmbclient-devel-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/samba-2.2.8a-220.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-220.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-client-2.2.8a-220.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libsmbclient-2.2.8a-220.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libsmbclient-devel-2.2.8a-220.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-220.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-client-2.2.8a-220.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libsmbclient-2.2.8a-220.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libsmbclient-devel-2.2.8a-220.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/samba-2.2.8a-220.src.rpm

SUSE Linux 8.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-client-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-vscan-0.3.2a-273.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-doc-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libsmbclient-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libsmbclient-devel-2.2.8a-220.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-client-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-vscan-0.3.2a-273.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-doc-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libsmbclient-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libsmbclient-devel-2.2.8a-220.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/samba-2.2.8a-220.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-218.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-client-2.2.8a-218.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-vscan-0.3.2a-271.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-218.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-client-2.2.8a-218.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-vscan-0.3.2a-271.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/samba-2.2.8a-218.src.rpm

HP-UX
HP-UX B.11.00, B.11.11 & B.11.23
http://software.hp.com

Sun

Solaris 9
SPARC - Parche 114684-03
x86 - Parche 114685-03
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Solaris 10
SPARC - Parche 119757-01
x86 - Parche 119758-01
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0686
BID

Recursos adicionales

Samba Security Releases 2.2.10
http://us1.samba.org/samba/whatsnew/samba-2.2.10.html

Samba Security Release 3.0.5
http://us1.samba.org/samba/whatsnew/samba-3.0.5.html

Mandrakesoft Security Advisory MDKSA-2004:071
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:071

Red Hat Security Advisory RHSA-2004-259.html
https://rhn.redhat.com/errata/RHSA-2004-259.html

Red Hat Security Advisory RHSA-2004:404-04
https://rhn.redhat.com/errata/RHSA-2004-404.html

SUSE Security Announcement SUSE-SA:2004:022
http://www.suse.de/de/security/2004_22_samba.html

HP SECURITY BULLETIN HPSBUX01062
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01062

Sun(sm) Alert Notification 101584
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101584-1

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2004-07-23
1.1 Aviso emitido por SuSE (SUSE-SA:2004:022) 2004-07-26
1.2 Aviso emitido por Red Hat (RHSA-2004:404-04). Aviso emitido por HP (HPSBUX01062). 2004-07-27
1.3 Aviso emitido por HP (HPSBUX01062) 2004-08-09
1.4 Aviso emitido por Sun (57664) 2004-10-26
1.5 Nuevos parches emitidos por Sun (57664) 2005-01-10
1.6 Aviso actualizado por Sun (101584) 2005-06-14

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT