[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:39909] [Translate] [SECURITY] [DSA 463-1] New samba packages fix privilege escalation in smbmnt
かねこです。
URL 等は元記事を確認ください。
------>8------------>8------------>8------------>8------------>8
- --------------------------------------------------------------------------
Debian Security Advisory DSA 463-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
March 12th, 2004 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : samba
Vulnerability : privilege escalation
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0186
Debian bug : 232327
LanManager 対応の Unix 上のファイル・プリンタサーバ Samba に欠陥が発見さ
れました。リモートサーバのファイルシステムをマウントする setuid root さ
れたユーティリティ smbmnt が、このプログラムでユーザの自由になる setuid
プログラムを含むリモートサーバのファイルシステムをマウント可能です。これ
により、ローカルシステムの特権を得ることが可能です。
現安定版 (stable) woody では、これはバージョン 2.2.3a-13 で修正されてい
ます。
不安定版 (unstable) sid では、これはバージョン 3.0.2-2 で修正されていま
す。
すぐに samba パッケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
を用いて、apt-get パッケージマネージャに以下記載の sources.list を与えて
次のコマンドを使ってください。
apt-get update
これは内部データベースを更新します。
apt-get upgrade
これで修正されたパッケージをインストールします。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 3.0 愛称 woody
- ------------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13.dsc
Size/MD5 checksum: 771 368a31c193ef5bf3034d016bf17b3c33
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13.diff.gz
Size/MD5 checksum: 107084 260331016c3fab5ab1efc18b042c366a
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
Size/MD5 checksum: 5460531 b6ec2f076af69331535a82b586f55254
Architecture independent components:
http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-13_all.deb
Size/MD5 checksum: 2446826 04fbfd9e02fa8ac7a620ef3d4a63de26
Alpha architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_alpha.deb
Size/MD5 checksum: 415570 b53d43d7a8c84688da6b462b39aee4d3
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_alpha.deb
Size/MD5 checksum: 489562 2804f74721a5ed6c8c112942153affb6
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_alpha.deb
Size/MD5 checksum: 600374 17d5b931c95935c58288952f058230fb
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_alpha.deb
Size/MD5 checksum: 2955970 b897e2cac80af528d5892e482d84f5d3
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_alpha.deb
Size/MD5 checksum: 1131294 e8f0665a479c1bb538b70c59a06dc453
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_alpha.deb
Size/MD5 checksum: 1155930 e2f2f876a2d93d53bf5ad442c937763e
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_alpha.deb
Size/MD5 checksum: 949708 b20d2e6a186e066ee0db50075fcc06c2
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_alpha.deb
Size/MD5 checksum: 623020 e45b93bd3f559da4f4b307d5e356a504
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_alpha.deb
Size/MD5 checksum: 1106812 7fff9e4fce08188a6ae772206dc7a7f3
ARM architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_arm.deb
Size/MD5 checksum: 396940 2ba9dfe8e82dd7a7adc232b41b98e52c
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_arm.deb
Size/MD5 checksum: 461480 e5f534fe376ea7dfb0ade350825fb6a7
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_arm.deb
Size/MD5 checksum: 547118 bc8049e7ed747d73e98c31dd3087c2f7
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_arm.deb
Size/MD5 checksum: 2552934 403df24f97ed8ae593dd226984c2eff8
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_arm.deb
Size/MD5 checksum: 1022914 a49e0092094d863018ecbe10fa1f6b20
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_arm.deb
Size/MD5 checksum: 1002616 a9165882ae5c2a473850d21c8c826f6d
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_arm.deb
Size/MD5 checksum: 831596 2997d5629f1a4f83cc412af1a95c2a67
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_arm.deb
Size/MD5 checksum: 557746 4305f452586d4398750cdcbf591b2621
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_arm.deb
Size/MD5 checksum: 974490 22b0f0fb3030b33fd95517d65c66528a
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_i386.deb
Size/MD5 checksum: 388784 64bcc1e33978b3fcb54af2a6f5291ab0
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_i386.deb
Size/MD5 checksum: 446248 94bcd03c02a773e5cdf855031be67b95
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_i386.deb
Size/MD5 checksum: 499968 9b0491fc2a1074229c7ffa787d3cc951
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_i386.deb
Size/MD5 checksum: 2417274 b9d50d55cac51dafd8f593097708bfd8
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_i386.deb
Size/MD5 checksum: 993282 6af8f16fb101eaa9bfc7f7945144e052
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_i386.deb
Size/MD5 checksum: 954056 9db7aeab257cdab1df232c23040b8a58
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_i386.deb
Size/MD5 checksum: 793424 52bbe4f30b8e73d4c6b5cae22ddfdbd9
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_i386.deb
Size/MD5 checksum: 535374 2d08ea9d3d7429210434adcd06146549
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_i386.deb
Size/MD5 checksum: 930382 6f39b49f5233d6e1bbfeb1a1c18ef623
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_ia64.deb
Size/MD5 checksum: 461604 3d68e98cf19628566ac2e1e31c55ff33
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_ia64.deb
Size/MD5 checksum: 553576 eba6cec2a0c07fe93d516cf6849723b5
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_ia64.deb
Size/MD5 checksum: 624710 6cc458b8ce244651364e66d618524d5b
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_ia64.deb
Size/MD5 checksum: 3487522 c0d6be58fde6169e60520130cd740943
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_ia64.deb
Size/MD5 checksum: 1248526 5a5d93d85e266bc37a80881a5fe84957
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_ia64.deb
Size/MD5 checksum: 1328396 c1bf261106844f6e18b4f5a5c119ea91
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_ia64.deb
Size/MD5 checksum: 1097630 566e64c00795da28867bbbec41a02fcf
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_ia64.deb
Size/MD5 checksum: 695382 32cd6e7226788fd6a41cf7573831942f
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_ia64.deb
Size/MD5 checksum: 1281614 e3ba65f4548e943a46c838e170561873
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_hppa.deb
Size/MD5 checksum: 419578 3e6d29176654bef0f30457aab8d20bad
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_hppa.deb
Size/MD5 checksum: 491048 38032eaa678bea9a2b1fd635adfb7a70
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_hppa.deb
Size/MD5 checksum: 589368 f16e929a2dcef0582171d64ecd02162d
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_hppa.deb
Size/MD5 checksum: 2791044 c4565cfd5b30fa5c986cd3b69f245e80
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_hppa.deb
Size/MD5 checksum: 1081542 cf153c78f0656be9de16d254f906ff06
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_hppa.deb
Size/MD5 checksum: 1084930 97e794295ecf5969299c7f5bc1c389a1
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_hppa.deb
Size/MD5 checksum: 901254 ce8e4fae0a38eab96e558a16e8290e2d
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_hppa.deb
Size/MD5 checksum: 589884 44c54f8dea7bfb5bc00f351b2d617b50
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_hppa.deb
Size/MD5 checksum: 1059960 1a7d769b825d12253580ba631948761b
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_m68k.deb
Size/MD5 checksum: 398658 2120ba89a7551c024f13a397b25d5b03
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_m68k.deb
Size/MD5 checksum: 459706 d1b997d08c4bbc5aeb7a52b30e9bef71
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_m68k.deb
Size/MD5 checksum: 504416 7317331a5c943a5cc34ccd5449339169
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_m68k.deb
Size/MD5 checksum: 2355190 54e5c83b257bc63da387f75ca73b974c
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_m68k.deb
Size/MD5 checksum: 982026 af688de22aa3b1adac39ee371d6fefc7
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_m68k.deb
Size/MD5 checksum: 936014 d33323195488e8dbf77b1433d019ce72
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_m68k.deb
Size/MD5 checksum: 788322 8a654f6130d8a9eae453c8b9d57fe1c9
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_m68k.deb
Size/MD5 checksum: 524096 6d82b4b24fbd23ea56b87df8c773a191
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_m68k.deb
Size/MD5 checksum: 930054 b6dfb77a0490434463a8ac46bf722cc8
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_mips.deb
Size/MD5 checksum: 396038 06d128b588d74faab640264b5b07b43f
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_mips.deb
Size/MD5 checksum: 459302 e6f4b8f55f6072d49e0837e5f7ddd431
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_mips.deb
Size/MD5 checksum: 569484 f460a836482b5df1920ac057fd998e25
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_mips.deb
Size/MD5 checksum: 2803494 7cf473c86311ebf9b1508c832ac63fa4
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_mips.deb
Size/MD5 checksum: 1078220 58e57371febffa921887c6cb38d54018
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_mips.deb
Size/MD5 checksum: 1088272 52b81221ed111cf8983e1df1095a430b
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_mips.deb
Size/MD5 checksum: 910402 56357685c7087a198df2d0acc287dc11
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_mips.deb
Size/MD5 checksum: 581064 58743a31fdc72f2e7f4ec374e720495c
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_mips.deb
Size/MD5 checksum: 1027726 a3aedb65c7080f04623d12d736d3e3ca
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 392066 1f1fc176814ecfac29d118615cd4c690
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 453818 cbd527e54f64f8bf6485ab2e7ae9721c
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 562342 290660f12cd2a820214ca2b6d7d54d6d
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 2763772 53a5d57ad99bdc08d50c393bb5e30679
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 1071330 43424fb484d5381c7cdf7917183aa7c7
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 1075646 5ad7462a285e314f68a44c1f3155e2ec
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 896916 61bf72b0399398412ea8f82cdeb517e4
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 576524 f4ff502bae712790d235c5f3b3e9bee3
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-12.3_mipsel.deb
Size/MD5 checksum: 1014918 1acbe4bcd445f17f0d0df4528160ace2
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 408822 d553508340ade1689d41f9cda1357d62
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 475630 5e67cb59b0af58733bb66284163b1202
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 546218 5d684dd998d737e0eb2fe35df89a8c8b
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 2607386 e78ce70419e886cc5b379729fc18ee09
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 1036628 93fbe90841d9cd62aa47e85fe3b8a731
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 1021454 31962c16aeafdf88eaafd1f5bde1d679
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 852504 3ff8483b7a217925075c951544b9c2fb
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 560860 e7138598fab5b6c69f0dab10f06a8135
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_powerpc.deb
Size/MD5 checksum: 1001574 1064609c2b5da3e0de78094ed5fa2e29
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_s390.deb
Size/MD5 checksum: 403106 caafdee242929fa567efb1e09fb8228e
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_s390.deb
Size/MD5 checksum: 469908 a68b54c8beaf737f4d1aace3826c58aa
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_s390.deb
Size/MD5 checksum: 526608 8bb5ba81c712ec314329422578f127d4
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_s390.deb
Size/MD5 checksum: 2496102 dac5ea4e852b6f271f469d569bb1209f
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_s390.deb
Size/MD5 checksum: 1008168 e9385dd3a03fa14beaf0d41a2dc00e60
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_s390.deb
Size/MD5 checksum: 982676 3ec7a67088114be5f99d08fdee72d09d
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_s390.deb
Size/MD5 checksum: 833248 a7aa3136af1031c422e2e95019fa2210
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_s390.deb
Size/MD5 checksum: 537754 f41e66e212e514b072ca1b16277fad2e
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_s390.deb
Size/MD5 checksum: 965622 36f9a550e3167aa7ecf714442a17ed03
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-13_sparc.deb
Size/MD5 checksum: 400486 52015fc24c39926ca0023b521e02663e
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-13_sparc.deb
Size/MD5 checksum: 461862 afd850c7686b3946cc52b07b5db8273e
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-13_sparc.deb
Size/MD5 checksum: 523832 e4f3cdfbc5151e70fc1c567d310334ba
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-13_sparc.deb
Size/MD5 checksum: 2513444 c030b4ccb2ccff58cddca015e10c0d9b
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-13_sparc.deb
Size/MD5 checksum: 1011272 0f96ed0ed807c5ae007bcb9c33d578d2
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-13_sparc.deb
Size/MD5 checksum: 985344 0118c1fe2e4eed5738753a02972c86d9
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-13_sparc.deb
Size/MD5 checksum: 829404 738387e356a7d3b699fe27a9b10e3ee9
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-13_sparc.deb
Size/MD5 checksum: 543614 1a5f4e5cc790ef3ace1347050a4cc5c0
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-13_sparc.deb
Size/MD5 checksum: 964396 efb4aefe0cc631b1e4b5ca6f19a12743
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
足跡 = 55A4 898A C765 F20A 1693 7882 579A 3339 D6ED 97E8