samba security update
FTP access is not possible with a web browser.
Document number : 1260041814
Updated : 2009.12.06
Details
Security fix (Important)
. CVE-2009-1888
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x
before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when
dos filemode is enabled, allows remote attackers to modify access control
lists for files via vectors related to read access to uninitialized memory.
References
. CVE-2009-2813
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12
through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when
Windows File Sharing is enabled, Fedora 11, and other operating systems,
does not properly handle errors in resolving pathnames, which allows remote
authenticated users to bypass intended sharing restrictions, and read,
create, or modify files, in certain circumstances involving user accounts
that lack home directories.
. CVE-2009-2906
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and
3.4 before 3.4.2 allows remote authenticated users to cause a denial of
service (infinite loop) via an unanticipated oplock break notification reply
packet.
. CVE-2009-2948
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8
and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not
properly enforce permissions, which allows local users to read part of the
credentials file and obtain the password by specifying the path to the
credentials file and using the --verbose or -v option.
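An added example, not part of the original advisory: a shell check for the two local preconditions named above, "dos filemode" enabled (CVE-2009-1888) and a setuid mount.cifs (CVE-2009-2948). The function names are hypothetical and the smb.conf and mount.cifs paths are supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the advisory). File paths are supplied by the caller.

# 0 = "dos filemode" enabled somewhere in the file, 1 = not enabled, 2 = unreadable.
# Files pulled in via "include =" are not followed.
dos_filemode_enabled() {
    [ -r "$1" ] || return 2
    awk '
        /^[ \t]*[#;]/ { next }                      # comment lines
        {
            i = index($0, "="); if (i == 0) next    # section headers, blanks
            key = tolower(substr($0, 1, i - 1)); gsub(/[ \t]/, "", key)
            val = tolower(substr($0, i + 1)); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            # parameter names ignore case and spaces; treat yes/true/1/on as enabled
            if (key == "dosfilemode" && val ~ /^(yes|true|1|on)$/) found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# 0 = regular file with the setuid bit, 1 = no setuid bit, 2 = not a regular file.
has_setuid_bit() {
    [ -f "$1" ] || return 2
    [ -u "$1" ]
}

# Print one line per precondition; always returns 0.
report() {
    conf=$1 bin=$2
    if dos_filemode_enabled "$conf"; then
        echo "CVE-2009-1888 precondition present: dos filemode enabled in $conf"
    else
        echo "CVE-2009-1888 precondition not found in $conf"
    fi
    if has_setuid_bit "$bin"; then
        echo "CVE-2009-2948 precondition present: $bin is setuid (owner uid $(ls -ln "$bin" | awk '{print $3}'))"
    else
        echo "CVE-2009-2948 precondition not found: $bin is not setuid"
    fi
    return 0
}

# Usage: sh check.sh <smb.conf path> <mount.cifs path>
if [ "$#" -ge 2 ]; then report "$1" "$2"; fi
```

A share-level "dos filemode = yes" counts as enabled even if another section sets it to no, so the check errs toward reporting the precondition.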
Autoupdates support : Packages System
pkgadd -F "samba*"
Update packages
RPMS :
. samba-common-3.0.33-0.18.el48.i686.rpm
. samba-3.0.33-0.18.el48.i686.rpm
. samba-clients-3.0.33-0.18.el48.i686.rpm
. samba-swat-3.0.33-0.18.el48.i686.rpm
SRPMS :
. samba-3.0.33-0.18.el48.src.rpm
Note : none
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948