Operating System - HP-UX
1834254 Members
2386 Online
110066 Solutions
New Discussion

Sec. Vulnerability in CIFS/9000 Samba Server2 2

 
Berlene Herren
Honored Contributor

Sec. Vulnerability in CIFS/9000 Samba Server2 2

PROBLEM: CIFS/9000 Server 2.2 buffer overflow vulnerability.

IMPACT: Potential root access.

PLATFORM: HP 9000 servers running the following CIFS Server versions:

- A.01.08
- A.01.08.01
- A.01.09

SOLUTION: Update to CIFS Server 2.2 version A.01.09.01

MANUAL ACTIONS: Yes - Update to version A.01.09.01

AVAILABILITY: CIFS Server 2.2 version A.01.09.01 is currently available from:
<>
A. Background
A buffer overrun has been discovered in the HP CIFS Server version A.01.09 and earlier. There is no known exploit of this vulnerability, and the Samba Team has not been able to
craft one themselves.
Nevertheless, the Samba Team has judged the vulnerability
significant and announced the defect and fix in their latest release. HP has integrated the fix into the latest release of CIFS Server 2.2
For additional details, see:
http://www.samba.org/samba/whatsnew/samba-2.2.7.html

B. Recommended solution
Upgrade to CIFS Server 2.2 version A.01.09.01
which is currently available from:

<>

It is the product B8725AA, CIFS/9000 Server 2.2.c.

Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm
1 REPLY 1
Michael Elleby III_1
Trusted Contributor

Re: Sec. Vulnerability in CIFS/9000 Samba Server2 2

Hello-

I'm currently running A.01.07.. I know you didn't list in this version, but should I think about upgrading to A.01.09.01?

Thanx.

Mike-
Knowledge Is Power