[root@ing002 samba]# urpmq -i samba-server
Name : samba-server
Version : 3.0.10
Release : 0.1.101mdk
Group : Networking/Other
Size : 6872035 Architecture: i586
Summary : Samba (SMB) server programs.
Description :
Samba provides an SMB server which can be used to provide
network services to SMB (sometimes called "Lan Manager" )
clients, including various versions of MS Windows, OS/2,
and other Linux machines. Samba also provides some SMB
clients, which complement the built-in SMB filesystem
in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols
and does NOT need NetBEUI (Microsoft Raw NetBIOS frame)
protocol.
Samba-3.0 features working NT Domain Control capability and
includes the SWAT (Samba Web Administration Tool) that
allows samba's smb.conf file to be remotely managed using your
favourite web browser. For the time being this is being
enabled on TCP port 901 via xinetd. SWAT is now included in
it's own subpackage, samba-swat.
Please refer to the WHATSNEW.txt document for fixup information.
This binary release includes encrypted password support.
Please read the smb.conf file and ENCRYPTION.txt in the
docs directory for implementation details.
Last updated : Mon Dec 27 10:40:46 2004
Update importance : security
Reason for update :
Remote exploitation of an integer overflow vulnerability
in the smbd daemon included in Samba 2.0.x, Samba 2.2.x,
and Samba 3.0.x prior to and including 3.0.9 could
allow an attacker to cause controllable heap corruption,
leading to execution of arbitrary commands with root
privileges.
In order to exploit this vulnerability an attacker must possess
credentials that allow access to a share on the Samba server.
Unsuccessful exploitation attempts will cause the process
serving the request to crash with signal 11, and may leave
evidence of an attack in logs.
The updated packages have been patched to correct this issue.
Name : samba-server
Version : 3.0.7
Release : 2mdk
Group : Networking/Other
Size : 6838827 Architecture: i586
Summary : Samba (SMB) server programs.
Description :
Samba provides an SMB server which can be used to provide
network services to SMB (sometimes called "Lan Manager" )
clients, including various versions of MS Windows, OS/2,
and other Linux machines. Samba also provides some SMB
clients, which complement the built-in SMB filesystem
in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols
and does NOT need NetBEUI (Microsoft Raw NetBIOS frame)
protocol.
Samba-3.0 features working NT Domain Control capability and
includes the SWAT (Samba Web Administration Tool) that
allows samba's smb.conf file to be remotely managed using your
favourite web browser. For the time being this is being
enabled on TCP port 901 via xinetd. SWAT is now included in
it's own subpackage, samba-swat.
Please refer to the WHATSNEW.txt document for fixup information.
This binary release includes encrypted password support.
Please read the smb.conf file and ENCRYPTION.txt in the
docs directory for implementation details.
Last updated : Mon Dec 27 10:40:46 2004
Update importance : security
Reason for update :
Remote exploitation of an integer overflow vulnerability
in the smbd daemon included in Samba 2.0.x, Samba 2.2.x,
and Samba 3.0.x prior to and including 3.0.9 could
allow an attacker to cause controllable heap corruption,
leading to execution of arbitrary commands with root
privileges.
In order to exploit this vulnerability an attacker must possess
credentials that allow access to a share on the Samba server.
Unsuccessful exploitation attempts will cause the process
serving the request to crash with signal 11, and may leave
evidence of an attack in logs.
The updated packages have been patched to correct this issue.
[root@ing002 samba]#
|
FORUM HardWare.fr
