-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-18
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 14 Mar 2007
Last revised: 14 Mar 2007
Package: samba
Summary: Samba denial of service attack
More information:
Samba is an Open Source/Free Software suite that provides seamless file
and print services to SMB/CIFS clients. Samba is freely available,
unlike other SMB/CIFS implementations, and allows for interoperability
between Linux/Unix servers and Windows-based clients.
Smbd allows remote authenticated users to cause a denial of service.
Samba may allow remote attackers to cause a denial of service via a large
number of share connection requests.
Impact:
This vulnerability may allow remote attackers to cause a denial of service.
Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
<Turbolinux Appliance Server 2.0>
Source Packages
Size: MD5
samba-3.0.6-18.src.rpm
15052538 1adf7ef067d3f15f26f5548b4598c922
Binary Packages
Size: MD5
samba-3.0.6-18.i586.rpm
24906138 e00c16502e3bf19cbd27c1bc98fb181b
samba-devel-3.0.6-18.i586.rpm
751527 5d6a92b9e943f35a6fe0765eb476ea6b
smbfs-3.0.6-18.i586.rpm
246201 3bbf8e059662329800e2955c09d0eb39
<Turbolinux FUJI>
Source Packages
Size: MD5
samba-3.0.20a-7.src.rpm
17201598 c9e85ff12132ba55f8900f8d2362d466
Binary Packages
Size: MD5
samba-3.0.20a-7.i686.rpm
31590452 04ae639adacbbbd18d6cefaff4c2f3bb
samba-debug-3.0.20a-7.i686.rpm
2113796 333a43a3abefc8ca5085781281720c82
samba-devel-3.0.20a-7.i686.rpm
1155626 227a12347b75216c8bf30ec9723d58ac
samba-python-3.0.20a-7.i686.rpm
5120697 6d77ee5bcea35b2aa433b7a96de5bee9
smbfs-3.0.20a-7.i686.rpm
370874 ac4f3439e7307d6233907f157f883c0b
<Turbolinux 10 Server x64 Edition>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/samba-3.0.6-18.src.rpm
15052538 86dcb4fe2033098d9ceeb42456769374
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/samba-3.0.6-18.x86_64.rpm
26689092 7fb42f4c6ea96fae74400e627839238a
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/samba-debug-3.0.6-18.x86_64.rpm
3005095 ead2c6b6a41a9d2229fe43a3f781fa32
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/samba-devel-3.0.6-18.x86_64.rpm
784362 8ca2327d0f0db597c5a395dd6f325daf
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/samba-python-3.0.6-18.x86_64.rpm
4766177 7d9e7baead501cfe9d880fdcbc87d673
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/smbfs-3.0.6-18.x86_64.rpm
302159 9c83682bcd41de22ccfcda17226401f4
<Turbolinux 10 Server>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/samba-3.0.6-18.src.rpm
15052538 1adf7ef067d3f15f26f5548b4598c922
Binary Packages
Size: MD5
samba-3.0.6-18.i586.rpm
24906138 e00c16502e3bf19cbd27c1bc98fb181b
samba-debug-3.0.6-18.i586.rpm
2917113 ccf97b06c3039ad9366cdaad82623f1b
samba-devel-3.0.6-18.i586.rpm
751527 5d6a92b9e943f35a6fe0765eb476ea6b
samba-python-3.0.6-18.i586.rpm
4043713 e39698f0c61357e9704a07d64ee8021e
smbfs-3.0.6-18.i586.rpm
246201 3bbf8e059662329800e2955c09d0eb39
CVE
[CVE-2007-0452]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
[CVE-2007-0454]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
--------------------------------------------------------------------------
Revision History
14 Mar 2006 Initial release
--------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFF93MnK0LzjOqIJMwRAtOZAKCD0/1v77WRYT2BmvxI2BEp44o5IACdE9wv
H/8t3fU336hAQGfCi/8zdts=
=08HQ
-----END PGP SIGNATURE-----