USN-556-1: Samba vulnerability Post: 302153206

Sponsored Content

Special Forums Cybersecurity Security Advisories (RSS) USN-556-1: Samba vulnerability Post 302153206 by Linux Bot on Sunday 23rd of December 2007 11:52:05 PM

12-24-2007

Registered User

USN-556-1: Samba vulnerability

Referenced CVEs:
CVE-2007-6015

Description:
=========================================================== Ubuntu Security Notice USN-556-1 December 18, 2007samba vulnerabilityCVE-2007-6015===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libsmbclient 3.0.22-1ubuntu3.6 samba 3.0.22-1ubuntu3.6Ubuntu 6.10: libsmbclient 3.0.22-1ubuntu4.5 samba 3.0.22-1ubuntu4.5Ubuntu 7.04: libsmbclient 3.0.24-2ubuntu1.5 samba 3.0.24-2ubuntu1.5Ubuntu 7.10: libsmbclient 3.0.26a-1ubuntu2.3 samba 3.0.26a-1ubuntu2.3In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Alin Rad Pop discovered that Samba did not correctly check the sizeof reply packets to mailslot requests. If a server was configuredwith domain logon enabled, an unauthenticated remote attacker could senda specially crafted domain logon packet and execute arbitrary code orcrash the Samba service. By default, domain logon is disabled in Ubuntu.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

LEARN ABOUT DEBIAN

tdbbackup.tdbtools

TDBBACKUP(8)						    System Administration tools 					      TDBBACKUP(8)

NAME

       tdbbackup - tool for backing up and for validating the integrity of samba .tdb files

SYNOPSIS

       tdbbackup [-s suffix] [-v] [-h]

DESCRIPTION

       This tool is part of the samba(1) suite.

       tdbbackup is a tool that may be used to backup samba .tdb files. This tool may also be used to verify the integrity of the .tdb files prior
       to samba startup or during normal operation. If it finds file damage and it finds a prior backup the backup file will be restored.

OPTIONS

       -h
	   Get help information.

       -s suffix
	   The -s option allows the adminisistrator to specify a file backup extension. This way it is possible to keep a history of tdb backup
	   files by using a new suffix for each backup.

       -v
	   The -v will check the database for damages (currupt data) which if detected causes the backup to be restored.

COMMANDS

       GENERAL INFORMATION

       The tdbbackup utility can safely be run at any time. It was designed so that it can be used at any time to validate the integrity of tdb
       files, even during Samba operation. Typical usage for the command will be:

       tdbbackup [-s suffix] *.tdb

       Before restarting samba the following command may be run to validate .tdb files:

       tdbbackup -v [-s suffix] *.tdb

       Samba .tdb files are stored in various locations, be sure to run backup all .tdb file on the system. Important files includes:

       o    secrets.tdb - usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba.

       o    passdb.tdb - usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba.

       o    *.tdb located in the /usr/local/samba/var directory or on some systems in the /var/cache or /var/lib/samba directories.

VERSION

       This man page is correct for version 3 of the Samba suite.

AUTHOR

       The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

       The tdbbackup man page was written by John H Terpstra.

Samba 3.6							    05/28/2012							      TDBBACKUP(8)