The OpenPKG Project Information for VU#958321
Samba contains a remotely exploitable stack buffer overflow
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 13 Dec 2002
-----BEGIN PGP SIGNED MESSAGE-----
OpenPKG Security Advisory The OpenPKG Project
Vulnerability: code execution, root exploit
OpenPKG Specific: no
Dependent Packages: none
Affected Releases: Affected Packages: Corrected Packages:
OpenPKG 1.0 <= samba-2.2.2-1.0.0 >= samba-2.2.2-1.0.1
OpenPKG 1.1 <= samba-2.2.5-1.1.0 >= samba-2.2.5-1.1.1
OpenPKG CURRENT <= samba-2.2.6-20021017 >= samba-2.2.7-20021120
A vulnerability in Samba  versions 2.2.2 through 2.2.6 was
discovered by the Debian Samba maintainers . A bug in the
length checking for encrypted password change requests from clients
could be exploited using a buffer overrun attack on the smbd(8)
stack. This attack would have to be crafted in such a way that
converting a DOS codepage string to little endian UCS2 unicode
would translate into an executable block of code.
Check whether you are affected by running "<prefix>/bin/rpm -q
samba". If you have an affected version of the samba package (see
above), please upgrade it according to the solution below.
Update existing packages to newly patched versions of Samba. Select the
updated source RPM appropriate for your OpenPKG release , and
fetch it from the OpenPKG FTP service or a mirror location. Verify its
integrity , build a corresponding binary RPM from it and update your
OpenPKG installation by applying the binary RPM . For the latest
OpenPKG 1.1 release, perform the following operations to permanently fix
the security problem (for other releases adjust accordingly).
$ ftp ftp.openpkg.org
ftp> cd release/1.1/UPD
ftp> get samba-2.2.5-1.1.1.src.rpm
$ <prefix>/bin/rpm -v --checksig samba-2.2.5-1.1.1.src.rpm
$ <prefix>/bin/rpm --rebuild samba-2.2.5-1.1.1.src.rpm
$ su -
# <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/samba-2.2.5-1.1.1.*.rpm
# <prefix>/etc/rc samba stop start
For security reasons, this advisory was digitally signed with
the OpenPGP public key "OpenPKG <email@example.com>" (ID 63C4CB9F)
of the OpenPKG project which you can find under the official URL
http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To
check the integrity of this advisory, verify its digital signature by
using GnuPG (http://www.gnupg.org/). For example, pipe this message to
the command "gpg --verify --keyserver keyserver.pgp.com".
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <firstname.lastname@example.org>
-----END PGP SIGNATURE-----
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.