Advisories, July 25, 2006

Jul 26, 2006, 03:45 (0 Talkback[s])

Gentoo Linux

Gentoo Linux Security Advisory GLSA 200607-09

http://security.gentoo.org/

Severity: High
Title: Wireshark: Multiple vulnerabilities
Date: July 25, 2006
Bugs: #140856
ID: 200607-09

Synopsis

Wireshark (formerly known as Ethereal) is vulnerable to several security issues, potentially allowing the execution of arbitrary code by a remote attacker.

Background

Wireshark, formerly known as Ethereal, is a popular network protocol analyzer.

Affected packages

     Package                 /   Vulnerable   /             Unaffected



  1  net-analyzer/wireshark       < 0.99.2                   >= 0.99.2
  2  net-analyzer/ethereal      <= 0.99.0-r1               Vulnerable!
    -------------------------------------------------------------------
     NOTE: Certain packages are still vulnerable. Users should migrate
           to another package if one is available or wait for the
           existing packages to be marked stable by their
           architecture maintainers.
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.

Description

Wireshark dissectors have been found vulnerable to a large number of exploits, including off-by-one errors, buffer overflows, format string overflows and an infinite loop.

Impact

Running an affected version of Wireshark or Ethereal could allow for a remote attacker to execute arbitrary code on the user's computer by sending specially crafted packets.

Workaround

There is no known workaround at this time.

Resolution

All Wireshark users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

All Ethereal users should migrate to Wireshark:

    # emerge --sync
    # emerge --ask --unmerge net-analyzer/ethereal
    # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

To keep the [saved] configuration from Ethereal and reuse it with Wireshark:

    # mv ~/.ethereal ~/.wireshark

References

[ 1 ] Wireshark wnpa-sec-2006-01

http://www.wireshark.org/security/wnpa-sec-2006-01.html

[ 2 ] CVE-2006-3627

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627

[ 3 ] CVE-2006-3628

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3628

[ 4 ] CVE-2006-3629

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3629

[ 5 ] CVE-2006-3630

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3630

[ 6 ] CVE-2006-3631

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3631

[ 7 ] CVE-2006-3632

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3632

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200607-09.xml

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory GLSA 200607-10

http://security.gentoo.org/

Severity: Normal
Title: Samba: Denial of Service vulnerability
Date: July 25, 2006
Bugs: #139369
ID: 200607-10

Synopsis

A large number of share connection requests could cause a Denial of Service within Samba.

Background

Samba is a freely available SMB/CIFS implementation which allows seamless interoperability of file and print services to other SMB/CIFS clients.

Affected packages

     Package       /   Vulnerable   /                       Unaffected

  1  net-fs/samba      < 3.0.22-r3                        >= 3.0.22-r3

Description

During an internal audit the Samba team discovered that a flaw in the way Samba stores share connection requests could lead to a Denial of Service.

Impact

By sending a large amount of share connection requests to a vulnerable Samba server, an attacker could cause a Denial of Service due to memory consumption.

Workaround

There is no known workaround at this time.

Resolution

All Samba users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-fs/samba-3.0.22-r3"

References

[ 1 ] CVE-2006-3403

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200607-10.xml

Concerns?

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Mandriva Linux

Mandriva Linux Security Advisory MDKSA-2006:131
http://www.mandriva.com/security/

Package : perl-Net-Server
Date : July 25, 2006
Affected: Corporate 3.0

Problem Description:

Peter Bieringer discovered a flaw in the perl Net::Server module where the "log" function was not safe against format string exploits in version 0.87 and earlier.

Updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1127

Updated Packages:

Corporate 3.0:
33e4382b4ad9bf5a1894298a468895e8 corporate/3.0/RPMS/perl-Net-Server-0.85-3.1.C30mdk.noarch.rpm
9294cea422b1a149b5a13ad4f8824780 corporate/3.0/SRPMS/perl-Net-Server-0.85-3.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
891bb910d688342cf8a9fde373694b70 x86_64/corporate/3.0/RPMS/perl-Net-Server-0.85-3.1.C30mdk.noarch.rpm
9294cea422b1a149b5a13ad4f8824780 x86_64/corporate/3.0/SRPMS/perl-Net-Server-0.85-3.1.C30mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Red Hat Linux

Red Hat Security Advisory

Synopsis: Moderate: php security update
Advisory ID: RHSA-2006:0567-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0567.html
Issue date: 2006-07-25
Updated on: 2006-07-25
Product: Red Hat Enterprise Linux
CVE Names: CVE-2002-2214 CVE-2006-1494 CVE-2006-3017

1. Summary:

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.

A flaw was found in the zend_hash_del() PHP function. For PHP scripts that rely on the use of the unset() function, a remote attacker could force variable initialization to be bypassed. This would be a security issue particularly for installations that enable the "register_globals" setting. "register_globals" is disabled by default in Red Hat Enterprise Linux. (CVE-2006-3017)

A directory traversal vulnerability was found in PHP. Local users could bypass open_basedir restrictions allowing remote attackers to create files in arbitrary directories via the tempnam() function. (CVE-2006-1494)

A flaw was found in the PHP IMAP MIME header decoding function. An attacker could craft a message with an overly long header which caused PHP to crash. (CVE-2002-2214)

Users of PHP should upgrade to these updated packages, which contain backported patches that resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

195495 - CVE-2002-2214 php imap To header buffer overflow
196257 - CVE-2006-3017 zend_hash_del bug
197050 - CVE-2006-1494 PHP tempname open_basedir issue

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/php-4.1.2-2.8.src.rpm
b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm

i386:
49c5170d0254ab6852ed1a0ec99ee005 php-4.1.2-2.8.i386.rpm
fbbf8ecb1d8212fb61ab03cb582fa6ba php-devel-4.1.2-2.8.i386.rpm
a8cc27adc804ac40f5530f5bc305209b php-imap-4.1.2-2.8.i386.rpm
2b9e509db230478986a620bccf3c3595 php-ldap-4.1.2-2.8.i386.rpm
296c22cd73b830fc0455a3cc00b38858 php-manual-4.1.2-2.8.i386.rpm
a083c9ad5a0aef8c528abb1123bb88aa php-mysql-4.1.2-2.8.i386.rpm
7df60aec5a0b642ea6e8fcb8ae4e0bc4 php-odbc-4.1.2-2.8.i386.rpm
bdbfcb35354ad079d4a15a4054f2caf8 php-pgsql-4.1.2-2.8.i386.rpm

ia64:
0de57ca1d1f8ad29f509288a9c67f501 php-4.1.2-2.8.ia64.rpm
b386f3eacea485b36525055006fa89c5 php-devel-4.1.2-2.8.ia64.rpm
91b7f7262828ad5c9f17d8e1e02bd9e1 php-imap-4.1.2-2.8.ia64.rpm
bb5d71d5964ed4e3ebaba5c1e755599c php-ldap-4.1.2-2.8.ia64.rpm
2d1d721016880e26c041d36af289288f php-manual-4.1.2-2.8.ia64.rpm
74de741c6420b49591eb82e8d3109286 php-mysql-4.1.2-2.8.ia64.rpm
ac98627c368011e8bc123fab619131fa php-odbc-4.1.2-2.8.ia64.rpm
101f908d73b7182821a6ca553df4c3f5 php-pgsql-4.1.2-2.8.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/php-4.1.2-2.8.src.rpm
b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/php-4.1.2-2.8.src.rpm
b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/php-4.1.2-2.8.src.rpm
b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3017
http://www.php.net/register_globals
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Red Hat Security Advisory

Synopsis: Moderate: kdebase security fix
Advisory ID: RHSA-2006:0576-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0576.html
Issue date: 2006-07-25
Updated on: 2006-07-25
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-2933

1. Summary:

Updated kdebase packages that resolve a security issue are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The kdebase packages provide the core applications for KDE, the K Desktop Environment.

A flaw was found in KDE where the kdesktop_lock process sometimes failed to terminate properly. This issue could either block the user's ability to manually lock the desktop or prevent the screensaver to activate, both of which could have a security impact for users who rely on these functionalities.
(CVE-2006-2933)

Please note that this issue only affected Red Hat Enterprise Linux 3.

All users of kdebase should upgrade to these updated packages, which contain a patch to resolve this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

177755 - CVE-2006-2933 occasionally KDE screensaver fails to start

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm
6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm

i386:
118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm
a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm
2ac5719bfa079d8b71371fc90db9f3a9 kdebase-devel-3.1.3-5.11.i386.rpm

ia64:
118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm
c720754146a4aa60a4560deb5f6d5eb9 kdebase-3.1.3-5.11.ia64.rpm
a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm
1cd0f69d9747fbe6c7215e4dabf0a900 kdebase-debuginfo-3.1.3-5.11.ia64.rpm
7266920d22b20b1464ffc37967877ff3 kdebase-devel-3.1.3-5.11.ia64.rpm

ppc:
3420be20d8e4b4570accf770e7905571 kdebase-3.1.3-5.11.ppc.rpm
e239a86189994c13fd353b979267ff36 kdebase-3.1.3-5.11.ppc64.rpm
fa912974f196e8b380aefeb5f101909b kdebase-debuginfo-3.1.3-5.11.ppc.rpm
0fd6a138fbec5a56c34f1d1464657791 kdebase-debuginfo-3.1.3-5.11.ppc64.rpm
d3647bcc06b9b910a0c4fada87d890be kdebase-devel-3.1.3-5.11.ppc.rpm

s390:
fcdf461eb6d600e1f948a3b92ba6a950 kdebase-3.1.3-5.11.s390.rpm
b0b87ea5d1a66b74eb2a56420f54af0f kdebase-debuginfo-3.1.3-5.11.s390.rpm
ab4603381ccf4debd2751a8b8a19c1b9 kdebase-devel-3.1.3-5.11.s390.rpm

s390x:
fcdf461eb6d600e1f948a3b92ba6a950 kdebase-3.1.3-5.11.s390.rpm
3d4f0c441b88e6252cd0b586087b8bb5 kdebase-3.1.3-5.11.s390x.rpm
b0b87ea5d1a66b74eb2a56420f54af0f kdebase-debuginfo-3.1.3-5.11.s390.rpm
d16ac48faa1d513de50d7e8fe1a4c3a4 kdebase-debuginfo-3.1.3-5.11.s390x.rpm
a8423c6093ddab102a593e4e655fea16 kdebase-devel-3.1.3-5.11.s390x.rpm

x86_64:
118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm
de315cd2a571e45b4d3e9e4b20f817fd kdebase-3.1.3-5.11.x86_64.rpm
a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm
e0f0717146bc051a55425ddd812a023e kdebase-debuginfo-3.1.3-5.11.x86_64.rpm
6b940119787351acbd6ef2ea470f4d13 kdebase-devel-3.1.3-5.11.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm
6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm
6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm
6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2933
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Red Hat Security Advisory

Synopsis: Important: samba security update
Advisory ID: RHSA-2006:0591-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0591.html
Issue date: 2006-07-25
Updated on: 2006-07-25
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-3403

1. Summary:

Updated samba packages that fix a denial of service vulnerability are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Samba provides file and printer sharing services to SMB/CIFS clients.

A denial of service bug was found in the way the smbd daemon tracks active connections to shares. It was possible for a remote attacker to cause the smbd daemon to consume a large amount of system memory by sending carefully crafted smb requests. (CVE-2006-3403)

Users of Samba are advised to upgrade to these packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

197836 - CVE-2006-3403 Samba denial of service

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm
744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm

i386:
c04ce6edfe57da898769cb29454d09c9 samba-2.2.12-1.21as.5.i386.rpm
fa9bab9c09624e93d40025a7d06db389 samba-client-2.2.12-1.21as.5.i386.rpm
744c5053e812e7bf8a7bb61fd5b4dce4 samba-common-2.2.12-1.21as.5.i386.rpm
4214be9c3ab7096b58a86801983bd5c6 samba-swat-2.2.12-1.21as.5.i386.rpm

ia64:
cf8e05d8735bb3c08229f871afd0089d samba-2.2.12-1.21as.5.ia64.rpm
92ae124fb9f103e979f558278c78e90d samba-client-2.2.12-1.21as.5.ia64.rpm
8dff37f2d3cf2174f4975f85862d97d7 samba-common-2.2.12-1.21as.5.ia64.rpm
60b1b37841a5aea18f3d1837337e7545 samba-swat-2.2.12-1.21as.5.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm
744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm
744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm
744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm
ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm

i386:
afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm
dfc3dbca60435d016690ea7b78ced477 samba-client-3.0.9-1.3E.10.i386.rpm
01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm
88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm
030c6a9c4f242afc59f7eb6ce2024480 samba-swat-3.0.9-1.3E.10.i386.rpm

ia64:
afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm
0934a9f9a74a205a81eda7296c6031a8 samba-3.0.9-1.3E.10.ia64.rpm
b0310000d5fb345ca6c16428afbf1032 samba-client-3.0.9-1.3E.10.ia64.rpm
01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm
33585206d76cec5b6293bc10fcc9681d samba-common-3.0.9-1.3E.10.ia64.rpm
88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm
136862188a0e579e3868ee05a62b8c76 samba-debuginfo-3.0.9-1.3E.10.ia64.rpm
c39bf636ea6434b2e241446d5b51fa9c samba-swat-3.0.9-1.3E.10.ia64.rpm

ppc:
8c51b16445534cc7a4ca49eb5cd4890a samba-3.0.9-1.3E.10.ppc.rpm
5766e87f7ea6d1e0c36f53fb4b61bcbb samba-3.0.9-1.3E.10.ppc64.rpm
d3971637751b9653dbb8e638a54846c0 samba-client-3.0.9-1.3E.10.ppc.rpm
d06644b9dc4d459f55c6ba6a2bdd5100 samba-common-3.0.9-1.3E.10.ppc.rpm
4210cb3f8eef958db98543262972beb2 samba-common-3.0.9-1.3E.10.ppc64.rpm
0ce017ed576f45f138f1831fa9bade65 samba-debuginfo-3.0.9-1.3E.10.ppc.rpm
d8617da5ffc7af1d10c3a12fce6435dc samba-debuginfo-3.0.9-1.3E.10.ppc64.rpm
930bb7cdcd5bd0e2214254f96c3f7ce2 samba-swat-3.0.9-1.3E.10.ppc.rpm

s390:
6e6e3c6b46ad6b30e7ba6e40be69f73a samba-3.0.9-1.3E.10.s390.rpm
a0c6e17b4ea40829adb1ff425b2c67c6 samba-client-3.0.9-1.3E.10.s390.rpm
bd7a20a3222cfcb057a3dbda23cf2341 samba-common-3.0.9-1.3E.10.s390.rpm
ad3aef6016c84e226b509f8a830b561c samba-debuginfo-3.0.9-1.3E.10.s390.rpm
37122bfe4d8708d230ca6547996bf994 samba-swat-3.0.9-1.3E.10.s390.rpm

s390x:
6e6e3c6b46ad6b30e7ba6e40be69f73a samba-3.0.9-1.3E.10.s390.rpm
0618de37f16ea17d7566bcfd05f93472 samba-3.0.9-1.3E.10.s390x.rpm
e70a8e4d68d8bf921ee7551fcb24cd02 samba-client-3.0.9-1.3E.10.s390x.rpm
bd7a20a3222cfcb057a3dbda23cf2341 samba-common-3.0.9-1.3E.10.s390.rpm
d9a8d3539074074cb36ddc72c681b271 samba-common-3.0.9-1.3E.10.s390x.rpm
ad3aef6016c84e226b509f8a830b561c samba-debuginfo-3.0.9-1.3E.10.s390.rpm
f6c1f150521cb885982550eab0145040 samba-debuginfo-3.0.9-1.3E.10.s390x.rpm
3da9025363680629381f971a828d302e samba-swat-3.0.9-1.3E.10.s390x.rpm

x86_64:
afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm
ca7e3c02f8dbd7f03d01e467489c34cd samba-3.0.9-1.3E.10.x86_64.rpm
3294ec6317982be1ebbd842d9e1852b0 samba-client-3.0.9-1.3E.10.x86_64.rpm
01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm
dbd68f6c8e315652958674ebf2c62e08 samba-common-3.0.9-1.3E.10.x86_64.rpm
88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm
76ccf3614c28cec60d8b362ffb599a2d samba-debuginfo-3.0.9-1.3E.10.x86_64.rpm
b303f8dbf6ecf83859663df1100410af samba-swat-3.0.9-1.3E.10.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm
ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm
ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm
ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm
9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm

i386:
dfa53665255d6fd2ffdebfee99d5a3b0 samba-3.0.10-1.4E.6.2.i386.rpm
36b1cd36740619f3d5b41c008135c502 samba-client-3.0.10-1.4E.6.2.i386.rpm
61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm
d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm
e53a6a487263b67389d18866c2330179 samba-swat-3.0.10-1.4E.6.2.i386.rpm

ia64:
401077259ed47bbdb87cf6e206700b09 samba-3.0.10-1.4E.6.2.ia64.rpm
b73c189d7acc898a325d83e4147fe98c samba-client-3.0.10-1.4E.6.2.ia64.rpm
61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm
c7f3795dfff3cce6e26e0e2acc6b86c1 samba-common-3.0.10-1.4E.6.2.ia64.rpm
d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm
9a3ba9c8f3440192ab3e2270476677e9 samba-debuginfo-3.0.10-1.4E.6.2.ia64.rpm
a6c6a9d55966afc8f8fe0fd0a554208d samba-swat-3.0.10-1.4E.6.2.ia64.rpm

ppc:
095b804edce6df4d9d0b99bed6222e5e samba-3.0.10-1.4E.6.2.ppc.rpm
417f79b512bd1492727f0a22eadfe57a samba-client-3.0.10-1.4E.6.2.ppc.rpm
0d6d8f0a479c9d5f0e0e1603d66d69c6 samba-common-3.0.10-1.4E.6.2.ppc.rpm
63418d744a15848b48779088a186d6a6 samba-common-3.0.10-1.4E.6.2.ppc64.rpm
aef0ed460ec84db98a363bfe86d9b2b3 samba-debuginfo-3.0.10-1.4E.6.2.ppc.rpm
abfaff84ee6f7690dd71262aed7882fe samba-debuginfo-3.0.10-1.4E.6.2.ppc64.rpm
583ff31d946f8fd96a7581aaa71ec77d samba-swat-3.0.10-1.4E.6.2.ppc.rpm

s390:
84f7081f936aecba3606d09ff3ea6716 samba-3.0.10-1.4E.6.2.s390.rpm
9ab1de15d5582517f8e4b6348f789961 samba-client-3.0.10-1.4E.6.2.s390.rpm
362db413cd4d3069a2ba757322d11581 samba-common-3.0.10-1.4E.6.2.s390.rpm
a2319d41a91b6e67bba4bfa8e3b7cf08 samba-debuginfo-3.0.10-1.4E.6.2.s390.rpm
6b3b3607acd87505660c97c753c6f8e5 samba-swat-3.0.10-1.4E.6.2.s390.rpm

s390x:
381aad2d50b8fe55c7a0aaaca2c956c1 samba-3.0.10-1.4E.6.2.s390x.rpm
27c38f6e43ac9032c760456eadeaf4b3 samba-client-3.0.10-1.4E.6.2.s390x.rpm
362db413cd4d3069a2ba757322d11581 samba-common-3.0.10-1.4E.6.2.s390.rpm
62ca657bff33fabe5df0ebc18fd58589 samba-common-3.0.10-1.4E.6.2.s390x.rpm
a2319d41a91b6e67bba4bfa8e3b7cf08 samba-debuginfo-3.0.10-1.4E.6.2.s390.rpm
02941354da6f7e04d0b3cf046cf4434e samba-debuginfo-3.0.10-1.4E.6.2.s390x.rpm
91b3a34774aa143e017a158906ae4fc5 samba-swat-3.0.10-1.4E.6.2.s390x.rpm

x86_64:
414a2986d5bf7a466a39826ecf6ed1c6 samba-3.0.10-1.4E.6.2.x86_64.rpm
caab365161a896c72ee7cb1238307cb9 samba-client-3.0.10-1.4E.6.2.x86_64.rpm
61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm
4686784c27aefc4acef6e7ffeb82adef samba-common-3.0.10-1.4E.6.2.x86_64.rpm
d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm
b389651d0ecdf7efdc5c9b4de9f4ded2 samba-debuginfo-3.0.10-1.4E.6.2.x86_64.rpm
e9687c733040c725360ffae580b4c66c samba-swat-3.0.10-1.4E.6.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm
9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm
9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm
9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://www.samba.org/samba/security/CAN-2006-3403.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Ubuntu Linux

Ubuntu Security Notice USN-296-2

Top White Papers

Subscribe to Our Daily Newsletter

Current Newswire:

More on LinuxToday

Advisories, July 25, 2006

Gentoo Linux

Synopsis

Background

Affected packages

Description

Impact

Workaround

Resolution

References

Availability

Concerns?

License

Synopsis

Background

Affected packages

Description

Impact

Workaround

Resolution

References

Availability

Concerns?

License

Mandriva Linux

Red Hat Linux

Ubuntu Linux