Debian DSA-1823-1 : samba - several vulnerabilities

high Nessus Plugin ID 39568

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2009-1886 The smbclient utility contains a formatstring vulnerability where commands dealing with file names treat user input as format strings to asprintf.

- CVE-2009-1888 In the smbd daemon, if a user is trying to modify an access control list (ACL) and is denied permission, this deny may be overridden if the parameter 'dos filemode' is set to 'yes' in the smb.conf and the user already has write access to the file.

Solution

Upgrade the samba package.

The old stable distribution (etch) is not affected by these problems.

For the stable distribution (lenny), these problems have been fixed in version 3.2.5-4lenny6.

See Also

https://security-tracker.debian.org/tracker/CVE-2009-1886

https://security-tracker.debian.org/tracker/CVE-2009-1888

https://www.debian.org/security/2009/dsa-1823

Plugin Details

Severity: High

ID: 39568

File Name: debian_DSA-1823.nasl

Version: 1.14

Type: local

Agent: unix

Published: 6/30/2009

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:samba, cpe:/o:debian:debian_linux:5.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 6/25/2009

Reference Information

CVE: CVE-2009-1886, CVE-2009-1888

CWE: 134, 264

DSA: 1823