Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: USN-918-1: Samba vulnerability
Special Forums Cybersecurity Security Advisories (RSS) USN-918-1: Samba vulnerability Post 302406988 by Linux Bot on Wednesday 24th of March 2010 10:00:02 AM
Old 03-24-2010
USN-918-1: Samba vulnerability
Referenced CVEs:
CVE-2010-0926


Description:
=========================================================== Ubuntu Security Notice USN-918-1 March 24, 2010 samba vulnerability CVE-2010-0926 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: samba 3.0.22-1ubuntu3.11 Ubuntu 8.04 LTS: samba 3.0.28a-1ubuntu4.11 Ubuntu 8.10: samba 2:3.2.3-1ubuntu3.8 Ubuntu 9.04: samba 2:3.3.2-1ubuntu3.4 Ubuntu 9.10: samba 2:3.4.0-3ubuntu5.6 In general, a standard system upgrade is sufficient to effect the necessary changes. ATTENTION: This update changes the default samba behaviour. For security reasons, it is no longer possible to use wide links and UNIX extensions at the same time. After applying this security update, wide links will be disabled automatically as UNIX extensions are turned on by default. If wide links are required, you can re-enable them by adding "unix extensions = no" to the [global] section of the /etc/samba/smb.conf configuration file. Details follow: It was discovered the Samba handled symlinks in an unexpected way when both "wide links" and "UNIX extensions" were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server.





More...
 

LEARN ABOUT DEBIAN

tdbbackup

TDBBACKUP(8)                                                System Administration tools                                               TDBBACKUP(8)

NAME

       tdbbackup - tool for backing up and for validating the integrity of samba .tdb files

SYNOPSIS

       tdbbackup [-s suffix] [-v] [-h]

DESCRIPTION

       This tool is part of the samba(1) suite.

       tdbbackup is a tool that may be used to backup samba .tdb files. This tool may also be used to verify the integrity of the .tdb files prior
       to samba startup or during normal operation. If it finds file damage and it finds a prior backup the backup file will be restored.

OPTIONS

       -h
           Get help information.

       -s suffix
           The -s option allows the adminisistrator to specify a file backup extension. This way it is possible to keep a history of tdb backup
           files by using a new suffix for each backup.

       -v
           The -v will check the database for damages (currupt data) which if detected causes the backup to be restored.

COMMANDS

       GENERAL INFORMATION

       The tdbbackup utility can safely be run at any time. It was designed so that it can be used at any time to validate the integrity of tdb
       files, even during Samba operation. Typical usage for the command will be:

       tdbbackup [-s suffix] *.tdb

       Before restarting samba the following command may be run to validate .tdb files:

       tdbbackup -v [-s suffix] *.tdb

       Samba .tdb files are stored in various locations, be sure to run backup all .tdb file on the system. Important files includes:

       o    secrets.tdb - usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba.

       o    passdb.tdb - usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba.

       o    *.tdb located in the /usr/local/samba/var directory or on some systems in the /var/cache or /var/lib/samba directories.

VERSION

       This man page is correct for version 3 of the Samba suite.

AUTHOR

       The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

       The tdbbackup man page was written by John H Terpstra.

Samba 3.5                                                           06/18/2010                                                        TDBBACKUP(8)
All times are GMT -4. The time now is 02:45 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy