-----BEGIN PGP SIGNED MESSAGE----- Subject: Caldera Security Advisory SA-1998.26: Buffer overflows in samba Topic: Buffer overflows in samba. Advisory issue date: August 28 1998 I. Problem Description There are several instances where buffer overflows in samba could be exploited. II. Impact Vulnerable Systems: OpenLinux 1.0, 1.1, & 1.2 systems using a samba package prior to samba-1.9.18p8-2. III. Solution Correction: The proper solution is to Upgrade to the samba-1.9.18p8-2 packages. They can be found on Caldera's FTP site at: ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/013/RPMS The corresponding source code can be found at: ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/013/SRPMS The MD5 checksums (from the "md5sum" command) for these packages are: b799dd50683181eccbdace2bdd420caf RPMS/samba-1.9.18p8-2.i386.rpm 60e4a0df02716d3d447a0011fef214be SRPMS/samba-1.9.18p8-2.src.rpm Upgrade with the following commands: rpm -q samba && rpm -U RPMS/samba-1.9.18p8-2.i386.rpm IV. References This and other Caldera security resources are located at: http://www.caldera.com/news/security/index.html Additional documentation on this problem can be found in --- Message-ID: Date: Sun, 10 May 1998 12:43:32 -0400 Reply-To: Drago Sender: Bugtraq List From: Drago Subject: Samba problems X-To: samba-bugs@samba.anu.edu.au To: BUGTRAQ@NETSPACE.ORG --- This security fix closes Caldera's internal Problem Report 4007. V. PGP Signature This message was signed with the PGP key for security@caldera.com. This key can be obtained from: ftp://ftp.caldera.com/pub/pgp-keys/ Or on an OpenLinux CDROM under: /OpenLinux/pgp-keys/ -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNebJMun+9R4958LpAQHf0wP7BmNT/QnvUcbstJh2JbRAFwr3i8M6mAVb O51gwFNJSDBxTMA/pSvq/aQ0DOF5B0ITX/fEKPkhK+1CKZ14ZqMm7uPhvZbSqEXv ND8aQdskqW6urU+blQJLK0q7z/pHvZ9meBhCfgZux2r2lHwC1v0ZVZFW08N+KoXd 8TbBEpHeZCM= =NYfm -----END PGP SIGNATURE-----