Bug 86209

Summary: Security issue in samba - remote anonymous root
Product: [Retired] Red Hat Linux Reporter: Mark J. Cox <mjc>
Component: sambaAssignee: Jay Fenlason <fenlason>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: jfeeney, mitr
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-03-19 09:31:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark J. Cox 2003-03-17 10:00:02 UTC 
Sebastian Krahmer discovered a security vulnerability present
in unpatched versions of Samba prior to 2.2.8. An anonymous user could use
the vulnerability to gain root access on the target machine.
This is CAN-2003-0085

Additionally, a race condition could allow an attacker to overwrite
critical system files.
This is CAN-2003-0086

Updated packages for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3 and 8.0 will be
available shortly at RHSA-2003:095

http://www.samba.org/samba/whatsnew/samba-2.2.8.html
Comment 1 Mark J. Cox 2003-03-19 09:31:51 UTC 
This is fixed in http://rhn.redhat.com/errata/RHSA-2003-095.html for Red Hat
Linux 7.2, 7.3, and 8.0.  An advisory for Red Hat Linux 6.2, 7, 7.1 will be
available shortly.