---

Home Security

Suid problem in samba as shipped with Caldera

By

—–BEGIN PGP SIGNED MESSAGE—– Subject: Caldera Security
Advisory SA-1998.35: Suid problem in samba Topic: Suid problem in
samba Advisory issue date: 20 Nov 1998 I. Problem Description The
problem is the installation permissions of the wsmbconf binary. The
RPM installs wsmbconf as a setgid binary owned by group root and
executable by all users. The wsmbconf program was a prototype
application and was never meant to make its way into a Samba
release. It was not designed to be setgid and is vulnerable to
attack by local users when installed setgid. II. Impact
Non-privileged users can use wsmbconf to gain read/write access to
any file which is accessible to the root group. Description:
Vulnerable Systems: OpenLinux 1.0, 1.1, 1.2 & 1.3 systems using
a samba package prior to samba-1.9.18p10-1. III. Solution
Workaround: All systems on which the Samba RPM are installed should
immediately remove the file /usr/sbin/wsmbconf: rm -f
/usr/sbin/wsmbconf removing this file will not in any way adversely
affect your Samba installation as the file is not actually part of
Samba 1.9.18p10. Correction: The proper solution is to upgrade to
the samba-1.9.18p10-1 packages. They can be found on Caldera’s FTP
site at: ftp://ftp.caldera.com/pub/OpenLinux/updates/1.3/007/RPMS
The corresponding source code can be found at:
ftp://ftp.caldera.com/pub/OpenLinux/updates/1.3/007/SRPMS The MD5
checksums (from the “md5sum” command) for these packages are:
e3f2fe967ccc19a3bb81979dac13c551 RPMS/samba-1.9.18p10-1.i386.rpm
cba3bd97896ed4099d516750b4c878cf SRPMS/samba-1.9.18p10-1.src.rpm
Upgrade with the following commands: rpm -q samba && rpm -U
samba-1.9.18p10.i386.rpm IV. References This and other Caldera
security resources are located at:
http://www.caldera.com/news/security/index.html This security fix
closes Caldera’s internal Problem Report 4195. —–BEGIN PGP
SIGNATURE—– Version: 2.6.3i Charset: noconv
iQCVAwUBNlRrDen+9R4958LpAQF/hgQAiFndAi2nI5ivmM+4OUAbPQ+fQ/+Gepdr
KNfsqLmJnmcYiFU0jIlvDIWQ6wHH71iF0v36lt/uuNgXkHvEk7pZu82XR0YneKOR
qa5n/VCpymsVyBPXKo5Rlm+18QmtO/ew76d2eAUFD0gI7MGK7IlgYT0hPodl0uKc
dg4N71lyP5c= =5upH —–END PGP SIGNATURE—–

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.