AnNyung Official Homepage Home > Update [ 1.3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



samba 보안 업데이트 
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1260041814
업데이트 : 2009.12.06


상세내용

Security fix (중요)

. CVE-2009-1888
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x
before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when
dos filemode is enabled, allows remote attackers to modify access control
lists for files via vectors related to read access to uninitialized memory.
References

. CVE-2009-2813
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12
through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when
Windows File Sharing is enabled, Fedora 11, and other operating systems,
does not properly handle errors in resolving pathnames, which allows remote
authenticated users to bypass intended sharing restrictions, and read,
create, or modify files, in certain circumstances involving user accounts
that lack home directories.

. CVE-2009-2906
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and
3.4 before 3.4.2 allows remote authenticated users to cause a denial of
service (infinite loop) via an unanticipated oplock break notification reply
packet.

. CVE-2009-2948
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8
and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not
properly enforce permissions, which allows local users to read part of the
credentials file and obtain the password by specifying the path to the
credentials file and using the --verbose or -v option.


Autoupdates 지원 : Packages System
    pkgadd -F "samba*"


update 패키지

  RPMS :

    . samba-common-3.0.33-0.18.el48.i686.rpm
    . samba-3.0.33-0.18.el48.i686.rpm
    . samba-clients-3.0.33-0.18.el48.i686.rpm
    . samba-swat-3.0.33-0.18.el48.i686.rpm

  SRPMS :

    . samba-3.0.33-0.18.el48.src.rpm


참고 : 없음
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948


    

 Home > Update [ 1.3 ]
Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10