Detections
Analytics

Mandrake Linux Security Advisory : samba (MDKSA-2004:071)

critical Nessus Plugin ID 14170

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

A vulnerability was discovered in SWAT, the Samba Web Administration Tool. The routine used to decode the base64 data during HTTP basic authentication is subject to a buffer overrun caused by an invalid base64 character. This same code is also used to internally decode the sambaMungedDial attribute value when using the ldapsam passdb backend, and to decode input given to the ntlm_auth tool.

This vulnerability only exists in Samba versions 3.0.2 or later; the 3.0.5 release fixes the vulnerability. Systems using SWAT, the ldapsam passdb backend, and tose running winbindd and allowing third- party applications to issue authentication requests via ntlm_auth tool should upgrade immediately. (CVE-2004-0600)

A buffer overrun has been located in the code used to support the 'mangling method = hash' smb.conf option. Please be aware that the default setting for this parameter is 'mangling method = hash2' and therefore not vulnerable. This bug is present in Samba 3.0.0 and later, as well as Samba 2.2.X (CVE-2004-0686)

This update also fixes a bug where attempting to print in some cases would cause smbd to exit with a signal 11.

Solution

Update the affected packages.

Plugin Details

Severity: Critical

ID: 14170

File Name: mandrake_MDKSA-2004-071.nasl

Version: 1.19

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:libsmbclient0, p-cpe:/a:mandriva:linux:libsmbclient0-devel, p-cpe:/a:mandriva:linux:libsmbclient0-static-devel, p-cpe:/a:mandriva:linux:nss_wins, p-cpe:/a:mandriva:linux:samba-client, p-cpe:/a:mandriva:linux:samba-common, p-cpe:/a:mandriva:linux:samba-debug, p-cpe:/a:mandriva:linux:samba-doc, p-cpe:/a:mandriva:linux:samba-passdb-mysql, p-cpe:/a:mandriva:linux:samba-passdb-xml, p-cpe:/a:mandriva:linux:samba-server, p-cpe:/a:mandriva:linux:samba-swat, p-cpe:/a:mandriva:linux:samba-winbind, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:9.1, cpe:/o:mandrakesoft:mandrake_linux:9.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 7/22/2004

Reference Information

CVE: CVE-2004-0600, CVE-2004-0686

MDKSA: 2004:071