Rapid7 Vulnerability & Exploit Database

RHSA-2009:1529: samba security update


Severity: 6
CVSS: (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Published: 09/14/2009
Created: 07/25/2018
Added: 11/02/2009
Modified: 07/04/2017

Description

Samba is a suite of programs used by machines to share files, printers, and other information.

A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions. (CVE-2009-2906)

An uninitialized data access flaw was discovered in the smbd daemon when using the non-default "dos filemode" configuration option in "smb.conf". An authenticated, remote user with write access to a file could possibly use this flaw to change an access control list for that file, even when such access should have been denied. (CVE-2009-1888)

A flaw was discovered in the way Samba handled users without a home directory set in the back-end password database (e.g. "/etc/passwd"). If a share for the home directory of such a user was created (e.g. using the automated "[homes]" share), any user able to access that share could see the whole file system, possibly bypassing intended access restrictions. (CVE-2009-2813)

The mount.cifs program printed CIFS passwords as part of its debug output when running in verbose mode. When mount.cifs had the setuid bit set, a local, unprivileged user could use this flaw to disclose passwords from a file that would otherwise be inaccessible to that user. Note: mount.cifs from the samba packages distributed by Red Hat does not have the setuid bit set. This flaw only affected systems where the setuid bit was manually set by an administrator. (CVE-2009-2948)

Users of Samba should upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
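Three of the four flaws above only apply under a specific local configuration (the "dos filemode" option, a "[homes]" share combined with accounts lacking a home directory, and a setuid mount.cifs). The following audit helpers are an added example, not part of the advisory or of Samba; they take file paths as arguments so they run here against constructed sample files and, on a real host, against /etc/samba/smb.conf, /etc/passwd and the mount.cifs binary (assumed to live at /sbin/mount.cifs on Red Hat systems).

```shell
#!/bin/sh
# Audit helpers for the preconditions named in RHSA-2009:1529.
# Each function takes a path so it can be pointed at real or sample files.

# CVE-2009-1888: true when the non-default "dos filemode" option is enabled.
dos_filemode_enabled() {
    grep -Eiq '^[[:space:]]*dos[[:space:]]+filemode[[:space:]]*=[[:space:]]*(yes|true|1)' "$1"
}

# CVE-2009-2813 (part 1): true when an automated [homes] share is defined.
homes_share_present() {
    grep -Eiq '^[[:space:]]*\[homes\][[:space:]]*$' "$1"
}

# CVE-2009-2813 (part 2): print accounts whose passwd home field (6th) is empty.
users_without_home() {
    awk -F: '$6 == "" { print $1 }' "$1"
}

# CVE-2009-2948: the password disclosure only matters if mount.cifs is setuid.
mount_cifs_is_setuid() {
    [ -u "$1" ]
}

# Constructed sample inputs (not taken from any real system).
TMP=$(mktemp -d)
cat > "$TMP/smb.conf" <<'EOF'
[global]
   workgroup = EXAMPLE
   dos filemode = yes
[homes]
   browseable = no
   writable = yes
EOF
cat > "$TMP/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
nohome:x:1002:1002:No home set::/bin/sh
EOF
: > "$TMP/mount.cifs" && chmod 4755 "$TMP/mount.cifs"   # simulate an admin-set setuid bit

dos_filemode_enabled "$TMP/smb.conf" && echo "WARN: dos filemode enabled (CVE-2009-1888)"
if homes_share_present "$TMP/smb.conf"; then
    for u in $(users_without_home "$TMP/passwd"); do
        echo "WARN: [homes] share defined and user '$u' has no home directory (CVE-2009-2813)"
    done
fi
mount_cifs_is_setuid "$TMP/mount.cifs" && echo "WARN: mount.cifs is setuid (CVE-2009-2948)"
rm -rf "$TMP"
```

All three warnings fire on the sample files; on a patched host the checks remain useful because each flagged setting widens the impact of any future smbd or mount.cifs bug of the same kind.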

Solution(s)

  • redhat-upgrade-samba
  • redhat-upgrade-samba-client
  • redhat-upgrade-samba-common
  • redhat-upgrade-samba-swat
