French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Samba Winbind Privilege Escalation Vulnerability

Title : Fedora Security Update Fixes Samba Winbind Privilege Escalation Vulnerability
Advisory ID : FrSIRT/ADV-2007-3124
CVE ID : CVE-2007-4138
Rated as : Moderate Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-09-13

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by malicious users to obtain elevated privileges [...]

Solution

Upgrade the affected packages :

ad6406f10c7232a272b22cffeaef70063b0d009f samba-debuginfo-3.0.26a-0.fc7.ppc64.rpm
2110038035607453566543f824e3f903c52950e6 samba-doc-3.0.26a-0.fc7.ppc64.rpm
c471275bf6fdef2dec1d6cb0b2d83abea6b2f3cb samba-3.0.26a-0.fc7.ppc64.rpm
8491d2900030836c27da5595cfc5ab2e16e25763 samba-common-3.0.26a-0.fc7.ppc64.rpm
69f0878171d3d69559710a8e82eccae79fee410a samba-client-3.0.26a-0.fc7.ppc64.rpm
ca7d68ea96382e959260b4ed4f6bb5b022933994 libsmbclient-3.0.26a-0.fc7.ppc64.rpm
5e77320ac0496cfe795e414f9093582a6ebaad48 libsmbclient-devel-3.0.26a-0.fc7.ppc64.rpm
abd0fa5f5cb0bb9b2fcabf1f962c6e3ced68297c samba-swat-3.0.26a-0.fc7.ppc64.rpm
97536faa1ce44594712dd4ddafd622689b8a01ae samba-client-3.0.26a-0.fc7.i386.rpm
f6b345c75a3d84ea943aa9816f05a4dd021fcda0 samba-doc-3.0.26a-0.fc7.i386.rpm
a72fa7b43f4eb2d29259bb2798e2555acfe64d8b samba-debuginfo-3.0.26a-0.fc7.i386.rpm
0eb49c6146366d9756e7cd6090ac1ae0297c8654 libsmbclient-3.0.26a-0.fc7.i386.rpm
88d330c1f3079e329b6c412a3d09fa5fed58f796 samba-swat-3.0.26a-0.fc7.i386.rpm
504f3cf8eed2a14aaa2baa892ced6238c8df630a samba-common-3.0.26a-0.fc7.i386.rpm
9b2fe3665c0003d1161d02de8276a5e49e801c71 samba-3.0.26a-0.fc7.i386.rpm
0768bf8d5caa4499008921532431bafbb91256b6 libsmbclient-devel-3.0.26a-0.fc7.i386.rpm
4ada67331c7de4de9fe01ab742d34e40e963c6cb samba-doc-3.0.26a-0.fc7.x86_64.rpm
92b1d59e0e64491b9f265fc9da87703ac6ec3b51 samba-client-3.0.26a-0.fc7.x86_64.rpm
feefe1e0bec73c414120151a0cea0af6f91530f4 samba-3.0.26a-0.fc7.x86_64.rpm
096f2c137bfe0e5e6eac34878ebef26f5b96d205 samba-swat-3.0.26a-0.fc7.x86_64.rpm
c5369d608c129ae2dc5c0de3b905302783aed614 samba-debuginfo-3.0.26a-0.fc7.x86_64.rpm
3f1c1a7b1f204b46ecfc2cbf2023f64aa7ed56cd libsmbclient-3.0.26a-0.fc7.x86_64.rpm
78082028cfacae410186e4e4c76b84f6441a5d18 samba-common-3.0.26a-0.fc7.x86_64.rpm
7127c00d6c261380f169035d829206b9cd2c0fbd libsmbclient-devel-3.0.26a-0.fc7.x86_64.rpm
67bd966e2982f7e04071cdb43400536ee3f66dbf samba-3.0.26a-0.fc7.ppc.rpm
8765b71e0ae0156cf19c423d8e85808862fbf42b samba-doc-3.0.26a-0.fc7.ppc.rpm
6fce203d121f1c90f7dd62bba944a93113ddce65 libsmbclient-3.0.26a-0.fc7.ppc.rpm
d696e3b392a1a77b0918eafaf6793a716ff63ad5 samba-debuginfo-3.0.26a-0.fc7.ppc.rpm
55a19f434d8ee557d538aff449fbb6ef36e85723 samba-client-3.0.26a-0.fc7.ppc.rpm
d606005b9f212bf3d4489390a5f07172b2154a1a libsmbclient-devel-3.0.26a-0.fc7.ppc.rpm
9f46d8d2b93db72ae933d726267b2a0779e80b5a samba-swat-3.0.26a-0.fc7.ppc.rpm
605a11d0e72afbc86836f66157631977708fd5ae samba-common-3.0.26a-0.fc7.ppc.rpm
938a64e38e6c5cdad5b3d9e20f69259ba7443868 samba-3.0.26a-0.fc7.src.rpm

ChangeLog

2007-09-13 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Apple Mac OS X Code Execution and Security Bypass Vulnerabilities

Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities

Apple Xcode Code Execution and Information Disclosure Vulnerabilities

Apple TV Data Processing Remote Code Execution Vulnerabilities

Apple Mac OS X Command Execution and Security Bypass Issues

Apple Safari for Mac OS X Remote Code Execution Vulnerability

Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability

Mozilla Products Remote Code Execution and Security Bypass Issues

Mozilla Products Code Execution and Injection Vulnerabilities

Mozilla JavaScript Garbage Collector Code Execution Vulnerability

Mozilla Thunderbird Code Execution and Cross Site Scripting Issues

Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues

Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues

Sun Solaris Covert Channel Local Security Bypass Vulnerability

Sun Solaris NFS RPC Zone Denial of Service Vulnerability

Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

Sun Solaris NFSv4 Client Kernel Module Denial of Service Vulnerability

Sun Java System Portal Server Cross Site Scripting Vulnerability

Sun rdesktop Code Execution and Denial of Service

Sun Java System Web Proxy Server Denial of Service Vulnerability

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy