CVE-2003-0086
CVSS1.2
发布时间 :2003-03-31 00:00:00
修订时间 :2016-10-17 22:29:22
NMCOS    

[原文]The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.


[CNNVD]Samba REG写文件竞争条件漏洞(CNNVD-200303-086)

        
        Samba是一套实现SMB(Server Messages Block)协议,跨平台进行文件共享和打印共享服务的程序。
        Samba在写reg文件时存在竞争条件漏洞,本地攻击者可以利用这个漏洞覆盖任意文件,产生拒绝服务攻击。
        Samba在写reg文件时由于产生临时文件不安全,攻击者可以通过建立符号连接指向系统重要文件,当程序执行的时候可导致目标文件被破坏,可能利用提升权限。目前没有提供详细漏洞细节。
        

- CVSS (基础分值)

CVSS分值: 1.2 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:samba:samba:2.2.0aSamba Samba 2.2.0a
cpe:/a:samba:samba:2.2.1aSamba Samba 2.2.1a
cpe:/a:samba:samba:2.2.3aSamba Samba 2.2.3a
cpe:/a:samba:samba:2.0.3Samba 2.0.3
cpe:/a:samba:samba:2.0.2Samba 2.0.2
cpe:/a:samba:samba:2.2.0Samba 2.2.0
cpe:/a:samba:samba:2.0.5Samba 2.0.5
cpe:/a:samba:samba:2.2.3Samba 2.2.3
cpe:/a:samba:samba:2.0.4Samba 2.0.4
cpe:/a:samba:samba:2.2.2Samba 2.2.2
cpe:/a:samba:samba:2.0.1Samba 2.0.1
cpe:/a:samba:samba:2.0.0Samba 2.0.0
cpe:/a:samba:samba:2.2.7aSamba Samba 2.2.7a
cpe:/a:samba:samba:2.0.7Samba 2.0.7
cpe:/a:samba:samba:2.2.5Samba 2.2.5
cpe:/a:samba:samba:2.0.6Samba 2.0.6
cpe:/a:samba:samba:2.2.4Samba 2.2.4
cpe:/a:samba:samba:2.0.9Samba 2.0.9
cpe:/a:samba:samba:2.2.7Samba 2.2.7
cpe:/a:samba:samba:2.0.10Samba 2.0.10
cpe:/a:samba:samba:2.0.8Samba 2.0.8
cpe:/a:samba:samba:2.2.6Samba 2.2.6

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:554Samba Arbitrary File Overwrite Vulnerability
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0086
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0086
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200303-086
(官方数据源) CNNVD

- 其它链接及资源

ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
(UNKNOWN)  SGI  20030302-01-I
http://marc.info/?l=bugtraq&m=104792646416629&w=2
(UNKNOWN)  BUGTRAQ  20030317 GLSA: samba (200303-11)
http://marc.info/?l=bugtraq&m=104801012929374&w=2
(UNKNOWN)  BUGTRAQ  20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba)
http://www.debian.org/security/2003/dsa-262
(VENDOR_ADVISORY)  DEBIAN  DSA-262
http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
(UNKNOWN)  GENTOO  GLSA-200303-11
http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
(UNKNOWN)  MANDRAKE  MDKSA-2003:032
http://www.novell.com/linux/security/advisories/2003_016_samba.html
(UNKNOWN)  SUSE  SuSE-SA:2003:016
http://www.redhat.com/support/errata/RHSA-2003-095.html
(UNKNOWN)  REDHAT  RHSA-2003:095
http://www.redhat.com/support/errata/RHSA-2003-096.html
(UNKNOWN)  REDHAT  RHSA-2003:096
http://www.securityfocus.com/archive/1/archive/1/316165/30/25370/threaded
(UNKNOWN)  BUGTRAQ  20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL
http://www.securityfocus.com/bid/7107
(VENDOR_ADVISORY)  BID  7107

- 漏洞信息

Samba REG写文件竞争条件漏洞
低危 竞争条件
2003-03-31 00:00:00 2005-10-20 00:00:00
本地  
        
        Samba是一套实现SMB(Server Messages Block)协议,跨平台进行文件共享和打印共享服务的程序。
        Samba在写reg文件时存在竞争条件漏洞,本地攻击者可以利用这个漏洞覆盖任意文件,产生拒绝服务攻击。
        Samba在写reg文件时由于产生临时文件不安全,攻击者可以通过建立符号连接指向系统重要文件,当程序执行的时候可导致目标文件被破坏,可能利用提升权限。目前没有提供详细漏洞细节。
        

- 公告与补丁

        厂商补丁:
        MandrakeSoft
        ------------
        MandrakeSoft已经为此发布了一个安全公告(MDKSA-2003:032)以及相应补丁:
        MDKSA-2003:032:samba
        链接:
        http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:032

        补丁下载:
        Mandrake Upgrade nss_wins-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-winbind-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Corporate Server 2.1.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0/PPC.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0/PPC.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0/PPC.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0/PPC.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.0/PPC.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.ia64.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1/IA64.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.ia64.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1/IA64.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.ia64.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1/IA64.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.ia64.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1/IA64.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.ia64.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.1/IA64.
        Mandrake Upgrade nss_wins-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade samba-winbind-2.2.7a-8.1mdk.i586.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2.
        Mandrake Upgrade nss_wins-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-client-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-common-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-doc-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-server-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-swat-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mandrake Upgrade samba-winbind-2.2.7a-8.1mdk.ppc.rpm
        
        http://www.mandrakesecure.net/en/ftp.php

        Mandrake Linux 8.2/PPC.
        Mand

- 漏洞信息

12642
Samba .reg File Race Condition Arbitrary File Overwrite
Input Manipulation, Race Condition
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2003-03-15 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.2.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Samba REG File Writing Race Condition Vulnerability
Race Condition Error 7107
No Yes
2003-03-15 12:00:00 2009-07-11 09:06:00
Discovery of this vulnerability credited to Sebastian Krahmer <krahmer at suse.de>.

- 受影响的程序版本

Samba Samba 2.2.7 a
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 8.0
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 9.0 i386
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. Linux Personal 8.2
+ Slackware Linux 8.1
+ Slackware Linux 8.1
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
+ Turbolinux Turbolinux Workstation 7.0
Samba Samba 2.2.7
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ Sun Linux 5.0.6
+ Sun Solaris 9_x86
+ Sun Solaris 9_x86
+ Sun Solaris 9
+ Sun Solaris 9
Samba Samba 2.2.6
+ Mandriva Linux Mandrake 9.0
Samba Samba 2.2.5
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X 10.2
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc3
+ HP CIFS/9000 Server A.01.09.02
+ HP CIFS/9000 Server A.01.09.01
+ HP CIFS/9000 Server A.01.09.01
+ HP CIFS/9000 Server A.01.09
+ HP CIFS/9000 Server A.01.09
+ HP CIFS/9000 Server A.01.08.01
+ HP CIFS/9000 Server A.01.08.01
+ HP CIFS/9000 Server A.01.08
+ HP CIFS/9000 Server A.01.08
+ HP CIFS/9000 Server A.01.07
+ HP CIFS/9000 Server A.01.07
+ HP CIFS/9000 Server A.01.06
+ HP CIFS/9000 Server A.01.06
+ HP CIFS/9000 Server A.01.05
+ HP CIFS/9000 Server A.01.05
+ OpenPKG OpenPKG 1.1
+ OpenPKG OpenPKG 1.1
+ RedHat Linux 8.0 i686
+ RedHat Linux 8.0 i686
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ RedHat Linux 8.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.1
Samba Samba 2.2.4
+ Slackware Linux 8.1
Samba Samba 2.2.3 a
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.3
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 8.0
Samba Samba 2.2.3
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X Server 10.2.4
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Samba Samba 2.2.2
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 7.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 6.0
+ HP CIFS/9000 Server A.01.09
+ HP CIFS/9000 Server A.01.08.01
+ HP CIFS/9000 Server A.01.08.01
+ HP CIFS/9000 Server A.01.08
+ HP CIFS/9000 Server A.01.08
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ OpenPKG OpenPKG 1.0
+ OpenPKG OpenPKG 1.0
Samba Samba 2.2.1 a
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i586
+ RedHat Linux 7.2 i586
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 athlon
+ RedHat Linux 7.2 athlon
+ RedHat Linux 7.2
+ RedHat Linux 7.2
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.3
+ Sun Linux 5.0
+ Sun LX50
Samba Samba 2.2 .0a
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2
+ Slackware Linux 8.0
+ Slackware Linux 8.0
Samba Samba 2.2 .0
- S.u.S.E. Linux 7.2
Samba Samba 2.0.10
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1
+ Veritas Software ServPoint NAS 3.5
+ Veritas Software ServPoint NAS 1.2.2
+ Veritas Software ServPoint NAS 1.2.2
+ Veritas Software ServPoint NAS 1.2.1
+ Veritas Software ServPoint NAS 1.2.1
+ Veritas Software ServPoint NAS 1.2
+ Veritas Software ServPoint NAS 1.2
+ Veritas Software ServPoint NAS 1.1
+ Veritas Software ServPoint NAS 1.1
+ Wirex Immunix OS 7+
+ Wirex Immunix OS 7+
Samba Samba 2.0.9
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.4
- Apple Mac OS X Server 10.0
- Apple Mac OS X Server 10.0
- Caldera OpenLinux Server 3.1
- Caldera OpenLinux Workstation 3.1
- Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 6.0
+ Conectiva Linux 6.0
- Debian Linux 2.2
- Debian Linux 2.2
- Red Hat Linux 6.2
- Red Hat Linux 6.2
- RedHat Linux 7.1
- RedHat Linux 7.1
- RedHat Linux 7.0
- RedHat Linux 7.0
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 7.0
- S.u.S.E. Linux 7.0
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 alpha
- S.u.S.E. Linux 6.4 alpha
- S.u.S.E. Linux 6.4
- S.u.S.E. Linux 6.4
- S.u.S.E. Linux 6.3 alpha
- S.u.S.E. Linux 6.3 alpha
- S.u.S.E. Linux 6.3
- S.u.S.E. Linux 6.3
- Sun Solaris 8_x86
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 7.0
- Trustix Secure Linux 1.2
- Trustix Secure Linux 1.2
- Trustix Secure Linux 1.1
- Trustix Secure Linux 1.1
- Wirex Immunix OS 7.0 -Beta
- Wirex Immunix OS 7.0 -Beta
- Wirex Immunix OS 7.0
- Wirex Immunix OS 7.0
- Wirex Immunix OS 6.2
- Wirex Immunix OS 6.2
Samba Samba 2.0.8
- Caldera OpenLinux 2.4
- Caldera OpenLinux 2.4
- Conectiva Linux 6.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.1
- Conectiva Linux 4.0 es
- Conectiva Linux 4.0 es
- Conectiva Linux 4.0
- Conectiva Linux 4.0
- Conectiva Linux graficas
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 arm
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- Debian Linux 2.2 68k
- Debian Linux 2.2
- Debian Linux 2.2
- RedHat Linux 7.1 i386
- RedHat Linux 7.1 i386
- RedHat Linux 7.1 alpha
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.2 alpha
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- S.u.S.E. Linux 7.0
- S.u.S.E. Linux 6.4
- S.u.S.E. Linux 6.4
- SCO eDesktop 2.4
- SCO eDesktop 2.4
- SCO eServer 2.3.1
- SCO eServer 2.3.1
- Sun Solaris 8_x86
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 7.0
- Wirex Immunix OS 7.0 -Beta
- Wirex Immunix OS 7.0 -Beta
- Wirex Immunix OS 7.0
- Wirex Immunix OS 7.0
- Wirex Immunix OS 6.2
- Wirex Immunix OS 6.2
Samba Samba 2.0.7
+ Caldera OpenLinux 2.3
+ Caldera OpenLinux 2.3
+ Conectiva Linux 6.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
+ Conectiva Linux 4.1
+ Conectiva Linux 4.0 es
+ Conectiva Linux 4.0 es
+ Conectiva Linux 4.0
+ Conectiva Linux 4.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ Conectiva Linux ecommerce
+ Debian Linux 2.3 sparc
+ Debian Linux 2.3 sparc
+ Debian Linux 2.3 powerpc
+ Debian Linux 2.3 powerpc
+ Debian Linux 2.3 alpha
+ Debian Linux 2.3 alpha
+ Debian Linux 2.3
+ Debian Linux 2.3
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Debian Linux 2.2
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ Mandriva Linux Mandrake 7.0
+ Progeny Debian 1.0
+ Progeny Debian 1.0
+ RedHat Linux 7.1 i686
+ RedHat Linux 7.1 i686
+ RedHat Linux 7.1 i586
+ RedHat Linux 7.1 i586
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i686
+ RedHat Linux 7.0 i686
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0
+ RedHat Linux 7.0
+ RedHat Linux 6.2 E sparc
+ RedHat Linux 6.2 E i386
+ RedHat Linux 6.2 E alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.1 sparc
+ RedHat Linux 6.1 i386
+ RedHat Linux 6.1 alpha
+ SCO eDesktop 2.4
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ SCO eServer 2.3.1
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt RaQ 550 4100R
+ Sun Cobalt RaQ 550 4100R
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ XTR 3500R
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
+ Trustix Secure Linux 1.1
+ Wirex Immunix OS 7.0 -Beta
+ Wirex Immunix OS 7.0 -Beta
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 6.2
+ Wirex Immunix OS 6.2
Samba Samba 2.0.6
+ Red Hat Linux 6.2
+ Red Hat Linux 6.2
+ RedHat Linux 6.2 sparcv9
+ RedHat Linux 6.2 sparcv9
+ RedHat Linux 6.2 E sparc
+ RedHat Linux 6.2 E sparc
+ RedHat Linux 6.2 E i386
+ RedHat Linux 6.2 E i386
+ RedHat Linux 6.2 E alpha
+ RedHat Linux 6.2 E alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.2 alpha
+ Sun Cobalt RaQ4 3001R
Samba Samba 2.0.5
- Caldera OpenLinux 2.3
- Caldera OpenLinux 2.3
- SCO eServer 2.3.1
Samba Samba 2.0.4
+ Debian Linux 2.1
+ RedHat Linux 6.0
+ RedHat Linux 6.0
+ RedHat Linux 5.2 i386
+ RedHat Linux 5.2 i386
+ RedHat Linux 4.2
+ RedHat Linux 4.2
Samba Samba 2.0.3
Samba Samba 2.0.2
Samba Samba 2.0.1
Samba Samba 2.0 .0
Samba Samba 2.2.8
+ Conectiva Linux 8.0
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 7.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.8
+ FreeBSD FreeBSD 4.8
+ FreeBSD FreeBSD 4.7
+ FreeBSD FreeBSD 4.7
+ FreeBSD FreeBSD 4.6
+ FreeBSD FreeBSD 4.6
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.2
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.2

- 不受影响的程序版本

Samba Samba 2.2.8
+ Conectiva Linux 8.0
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 7.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.8
+ FreeBSD FreeBSD 4.8
+ FreeBSD FreeBSD 4.7
+ FreeBSD FreeBSD 4.7
+ FreeBSD FreeBSD 4.6
+ FreeBSD FreeBSD 4.6
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.2
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.2

- 漏洞讨论

A race condition vulnerability has been reported for Samba. The vulnerability occurs when Samba attempts to write reg files. However, it may be possible to create a symbolic link in a crucial point of program execution that would result in the overwriting of files pointed to by the link. This will only occur if the files are writeable by the Samba process.

Successful exploitation may cause local files to be corrupted. If files can be corrupted with custom data, this may result in privilege elevation.

Full details of this vulnerability are not currently known. The BID will be updated as further details are disclosed.

- 漏洞利用

There is no exploit required.

- 解决方案

Gentoo Linux have released an advisory that addresses this vulnerability (200303-11), users who are running net-fs/samba are advised to upgrade to samba-2.2.8 using the following commands:

emerge sync
emerge samba
emerge clean

Debian has released an advisory. Information about obtaining and applying fixes are available in the referenced advisory.

An advisory for Sorcerer Linux is available which addresses this issue. It is possible to update to Samba 2.2.8 with the following commands:

augur synch && augur update

Mandrake has released an advisory (MDKSA-2003:032) which includes fixes for this issue. Please see the attached advisory for further details on obtaining and applying fixes.

SGI has released a security advisory. An updated version of Samba is available for Irix via the Samba website. However, Samba is not a default package for the Irix operating system.

Conectiva has released an advisory (CLA-2003:615) which addresses this vulnerability. Please see the attached advisory for details on obtaining and applying fixes.

Fixes available:


Samba Samba 2.0 .0

Samba Samba 2.0.1

Samba Samba 2.0.10

Samba Samba 2.0.2

Samba Samba 2.0.3

Samba Samba 2.0.4

Samba Samba 2.0.5

Samba Samba 2.0.6

Samba Samba 2.0.7

Samba Samba 2.0.8

Samba Samba 2.0.9

Samba Samba 2.2 .0

Samba Samba 2.2 .0a

Samba Samba 2.2.1 a

Samba Samba 2.2.2

Samba Samba 2.2.3 a

Samba Samba 2.2.3

Samba Samba 2.2.4

Samba Samba 2.2.5

Samba Samba 2.2.6

Samba Samba 2.2.7 a

Samba Samba 2.2.7

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站