New Samba release fixes three important vulnerabilities
Last Updated: 2007-05-15 06:58:35 UTC
by Maarten Van Horenbeeck (Version: 1)
The Samba project has just released version 3.0.25 of their SMB/CIFS server software. As this is widely used to serve printer and filesystem access from Unix servers to networks with Windows clients, we suggest reviewing whether you may need to upgrade.
CVE-2007-2446 is a remote code execution vulnerability through multiple heap overflows. It applies to versions 3.0.0 through 3.0.25rc3.
CVE-2007-2444 can allow a user to temporary escalate his privileges to root. It applies to versions 3.0.23d through 3.0.25pre2.
CVE-2007-2447 allows for remote code execution through unescaped input parameters to /bin/sh. A workaround consists of removing all external script invocations from the SMB configuration file. It applies to versions 3.0.0 through 3.0.25rc3.