Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2002:045: samba

Vulnerability Assessment Details

SUSE-SA:2002:045: samba

Vulnerability Assessment Summary
Check for the version of the samba package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2002:045 (samba).

Samba developer Steve Langasek found a security problem in samba, the
widely known free implementation of the SMB protocol.

The error consists of a buffer overflow in a commonly used routine
that accepts user input and may write up to 127 bytes past the end of
the buffer allocated with static length, leaving enough room for
an exploit. The resulting vulnerability can be exploited locally
in applications using the pam_smbpass Pluggable Authentication Module
(PAM). It may be possible to exploit this vulnerability remotely,
causing the running smbd to crash or even to execute arbitrary code.

The samba package is installed by default only on the SUSE LINUX
Enterprise Server. SUSE LINUX products do not have the samba and
samba-client packages installed by default.
The samba packages in SUSE LINUX version 7.1 and before are not affected
by this vulnerability.
For the bug to be exploited, your system has to be running the smbd
samba server, or an administrator must have (manually) changed the
configuration of the PAM authentification subsystem to enable the use
of the pam_smbpass module. The samba server process(es) are not activated
automatically after installation (of the package).

The samba subsystem on SUSE products is split into two different
subpackages: samba and smbclnt up to and including SUSE LINUX 7.2, on
SUSE LINUX 7.3 and newer the package names are samba and samba-client.
To completely remove the vulnerability, you should update all of the
installed packages.

We wish to express our gratitude to the samba development team and
in particular to Steve Langasek and Volker Lendecke who provided the
patches and communicated them to the vendors. Please know that the
samba team will release the new version 2.2.7 of the samba software to
address the security fix at the same time as this announcement gets
published. More information about samba (and the security fix) is
available at

Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
the update.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

1U Server IBM System x3530 M3 8-Core 2x QC Xeon E5620 2.4GHz 2GB M1015
1U Server IBM System x3530 M3 8-Core 2x QC Xeon E5620 2.4GHz 2GB M1015 pictureLOT OF 8 IBM 08L7828 08L7829 05J8007 05J8006 7133-D40 SERVER FILLER TRAY
LOT OF 8 IBM 08L7828 08L7829 05J8007 05J8006 7133-D40 SERVER FILLER TRAY pictureIBM System Computer X3400 XEON Server Desktop UNTESTED *of 14f
IBM System Computer X3400 XEON Server Desktop  UNTESTED  *of 14f pictureIBM X3650 32 Server Access Rail Kit, 00D9375
IBM X3650 32 Server Access Rail Kit, 00D9375 picture


No Discussions have been posted on this vulnerability.