Bug 142472 - CAN-2004-1154 Samba authenticated remote root
Summary: CAN-2004-1154 Samba authenticated remote root
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: samba
Version: 3.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Jay Fenlason
QA Contact: David Lawrence
URL:
Whiteboard: impact=important,embargo=20041216:12
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-12-09 22:10 UTC by Mark J. Cox
Modified: 2014-08-31 23:26 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-12-21 18:57:22 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Upstream patch (417.69 KB, patch)
2004-12-09 22:14 UTC, Mark J. Cox
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2004:670 0 high SHIPPED_LIVE Important: samba security update 2004-12-16 05:00:00 UTC
Red Hat Product Errata RHSA-2004:681 0 high SHIPPED_LIVE Important: samba security update 2004-12-21 05:00:00 UTC
Red Hat Product Errata RHSA-2005:020 0 normal SHIPPED_LIVE Important: samba security update 2005-01-05 05:00:00 UTC

Description Mark J. Cox 2004-12-09 22:10:54 UTC
Jerry at Samba reported to vendor-sec on 20041209 a remote root flaw
in Samba, affecting all versions.  Requires authenticated
user.  Issue was discovered by iDEFENSE.

This issue is currently embargoed until 20041216:1200UTC

Comment 1 Mark J. Cox 2004-12-09 22:12:17 UTC
Issue affects RHEL2.1 and RHEL3
(RHEL4 and FC by separate tracking bug)

Comment 2 Mark J. Cox 2004-12-09 22:14:37 UTC
Created attachment 108267 [details]
Upstream patch

Comment 3 Mark J. Cox 2004-12-16 14:42:49 UTC
Removing embargo

Comment 4 Josh Bressers 2004-12-16 21:08:29 UTC
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-670.html


Comment 5 Mark J. Cox 2004-12-16 22:29:06 UTC
Reopening for RHEL2.1

Comment 6 Mark J. Cox 2004-12-21 18:57:22 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-681.html


Comment 7 Josh Bressers 2005-01-05 15:40:31 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-020.html



Note You need to log in before you can comment on or make changes to this bug.