-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2003-27
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date : 10 Apr 2003
Last revised : 10 Apr 2003
Package : samba
Summary : Vulnerabilities are in the samba SMB protocol implementation
More information :
A buffer overrun condition exists in the samba SMB protocol implementation.
Impact :
These vulnerabilities may allow remote attackers to gain the root privileges.
Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 8 Server>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 3193d30965baa5438a41881cd2121a24
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i586.rpm
15900676 9c6120b2d81d7cb59d703ae67661007f
samba-devel-2.2.7a-5jaJP.i586.rpm
498906 98cd1fcb994e8f205debb4285e1b4c14
smbfs-2.2.7a-5jaJP.i586.rpm
627968 036018db4afc6508f1357c06a8b36c19
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 8460c193dd902c3b810a9f641ec7e457
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i586.rpm
15896778 ad263d7f67616cf36cf04714aa65f17a
samba-devel-2.2.7a-5jaJP.i586.rpm
498887 c70871ad612050ac390f57f4d5321405
smbfs-2.2.7a-5jaJP.i586.rpm
626881 9f76a208ed26d077fc4ee16599601eb4
<Turbolinux 7 Server>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 6fac4d4f43053471703cd83824ce39d4
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i586.rpm
15806944 7c8d3b3690ed0ddd6ceb98949fb922db
samba-devel-2.2.7a-5jaJP.i586.rpm
491512 40461bd57607923306ce1c1283c207e9
smbfs-2.2.7a-5jaJP.i586.rpm
611962 1617b16fd8005911b2e167fb9a68a58c
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 9a7045badf4394e69914d8669ec1a951
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i586.rpm
15810406 0b8903479b99e19621e022966909b81a
samba-devel-2.2.7a-5jaJP.i586.rpm
492183 21778dc6d7d6fed244546fd40f5c0048
smbfs-2.2.7a-5jaJP.i586.rpm
612310 94226992ce0c45f4005b092c134ec241
<Turbolinux Server 6.5>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 3676f22a2e0e2156c5e7fca36c0822d6
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i386.rpm
17593931 be3e6dad814257118c46669de835b34f
samba-devel-2.2.7a-5jaJP.i386.rpm
563353 d607e059a340c6d67961e9ae6b13fc55
smbfs-2.2.7a-5jaJP.i386.rpm
858469 5f3d079027600237733007c1a9455183
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 c23a003f96cab1c19ad7d220b934df09
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i386.rpm
17593703 fd62da7fd3af5526ea613c0522d1f75e
samba-devel-2.2.7a-5jaJP.i386.rpm
563269 6ad8e51af8134c789dc4df7be4bc721c
smbfs-2.2.7a-5jaJP.i386.rpm
858443 87f46ed42711ac721c250a09992b679e
<Turbolinux Server 6.1>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 b75432a5b28b7d39378019d7ce63b151
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i386.rpm
17593707 1215140c64a59147071610eed838e03c
samba-devel-2.2.7a-5jaJP.i386.rpm
563313 47c6bd68fd30c908437e336fa8b82678
smbfs-2.2.7a-5jaJP.i386.rpm
858438 1b8b2841acdb827277a330425938b07b
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
samba-2.2.7a-5jaJP.src.rpm
7151214 55b48ce8f2e07cc1ce504aaa84939753
Binary Packages
Size : MD5
samba-2.2.7a-5jaJP.i386.rpm
17593904 7965a24bc944f9b0b78535fae0971f42
samba-devel-2.2.7a-5jaJP.i386.rpm
563288 be30d22766c0fff7aa0fa411ebf1b713
smbfs-2.2.7a-5jaJP.i386.rpm
858444 5dbc407eb293f6c11a3abd19c640f91d
References :
samba-announce
http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html
CVE
[
CAN-2003-0201]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
CAN-2003-0201
--------------------------------------------------------------------------
Revision History
10 Apr 2003 Initial release
--------------------------------------------------------------------------
Copyright(C) 2003 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+lONPK0LzjOqIJMwRAiOyAJ9ueomv4zAIrJF07a0VJGQu5oevpwCfYVrV
TN3s3pJ+xQSkqjyMSuvywSA=
=gjTj
-----END PGP SIGNATURE-----