Oval Definition:oval:com.redhat.rhsa:def:20100488
Revision Date:2010-06-16Version:640
Title:RHSA-2010:0488: samba and samba3x security update (Critical)
Description:Samba is a suite of programs used by machines to share files, printers, and other information.

  • An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-2063)

    Red Hat would like to thank the Samba team for responsibly reporting this issue. Upstream acknowledges Jun Mao as the original reporter.

    Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-2063
    RHSA-2010:0488
    RHSA-2010:0488-01
    RHSA-2010:0488-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • samba-swat is earlier than 0:3.0.9-1.3E.17
  • AND samba-swat is signed with Red Hat master key
  • samba-client is earlier than 0:3.0.9-1.3E.17
  • AND samba-client is signed with Red Hat master key
  • samba-common is earlier than 0:3.0.9-1.3E.17
  • AND samba-common is signed with Red Hat master key
  • samba is earlier than 0:3.0.9-1.3E.17
  • AND samba is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • samba is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba is signed with Red Hat master key
  • samba-common is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-common is signed with Red Hat master key
  • samba-client is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-client is signed with Red Hat master key
  • samba-swat is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-swat is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libsmbclient-devel is earlier than 0:3.0.33-3.29.el5_5
  • AND libsmbclient-devel is signed with Red Hat redhatrelease key
  • samba-swat is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-swat is signed with Red Hat redhatrelease key
  • samba-client is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-client is signed with Red Hat redhatrelease key
  • samba is earlier than 0:3.0.33-3.29.el5_5
  • AND samba is signed with Red Hat redhatrelease key
  • samba-common is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-common is signed with Red Hat redhatrelease key
  • libsmbclient is earlier than 0:3.0.33-3.29.el5_5
  • AND libsmbclient is signed with Red Hat redhatrelease key
  • samba3x-doc is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-doc is signed with Red Hat redhatrelease key
  • samba3x-common is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-common is signed with Red Hat redhatrelease key
  • libtalloc is earlier than 0:1.2.0-52.el5_5
  • AND libtalloc is signed with Red Hat redhatrelease key
  • samba3x-client is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-client is signed with Red Hat redhatrelease key
  • libtdb is earlier than 0:1.1.2-52.el5_5
  • AND libtdb is signed with Red Hat redhatrelease key
  • samba3x-swat is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-swat is signed with Red Hat redhatrelease key
  • samba3x-winbind is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-winbind is signed with Red Hat redhatrelease key
  • libtdb-devel is earlier than 0:1.1.2-52.el5_5
  • AND libtdb-devel is signed with Red Hat redhatrelease key
  • samba3x-domainjoin-gui is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-domainjoin-gui is signed with Red Hat redhatrelease key
  • samba3x is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x is signed with Red Hat redhatrelease key
  • samba3x-winbind-devel is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-winbind-devel is signed with Red Hat redhatrelease key
  • tdb-tools is earlier than 0:1.1.2-52.el5_5
  • AND tdb-tools is signed with Red Hat redhatrelease key
  • libtalloc-devel is earlier than 0:1.2.0-52.el5_5
  • AND libtalloc-devel is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • samba is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba is signed with Red Hat redhatrelease2 key
  • samba-client is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-client is signed with Red Hat redhatrelease2 key
  • samba-common is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-common is signed with Red Hat redhatrelease2 key
  • samba-swat is earlier than 0:3.0.33-0.19.el4_8.1
  • AND samba-swat is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libsmbclient is earlier than 0:3.0.33-3.29.el5_5
  • AND libsmbclient is signed with Red Hat redhatrelease2 key
  • libsmbclient-devel is earlier than 0:3.0.33-3.29.el5_5
  • AND libsmbclient-devel is signed with Red Hat redhatrelease2 key
  • samba is earlier than 0:3.0.33-3.29.el5_5
  • AND samba is signed with Red Hat redhatrelease2 key
  • samba-client is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-client is signed with Red Hat redhatrelease2 key
  • samba-common is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-common is signed with Red Hat redhatrelease2 key
  • samba-swat is earlier than 0:3.0.33-3.29.el5_5
  • AND samba-swat is signed with Red Hat redhatrelease2 key
  • libtalloc is earlier than 0:1.2.0-52.el5_5
  • AND libtalloc is signed with Red Hat redhatrelease2 key
  • libtalloc-devel is earlier than 0:1.2.0-52.el5_5
  • AND libtalloc-devel is signed with Red Hat redhatrelease2 key
  • libtdb is earlier than 0:1.1.2-52.el5_5
  • AND libtdb is signed with Red Hat redhatrelease2 key
  • libtdb-devel is earlier than 0:1.1.2-52.el5_5
  • AND libtdb-devel is signed with Red Hat redhatrelease2 key
  • samba3x is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x is signed with Red Hat redhatrelease2 key
  • samba3x-client is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-client is signed with Red Hat redhatrelease2 key
  • samba3x-common is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-common is signed with Red Hat redhatrelease2 key
  • samba3x-doc is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-doc is signed with Red Hat redhatrelease2 key
  • samba3x-domainjoin-gui is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-domainjoin-gui is signed with Red Hat redhatrelease2 key
  • samba3x-swat is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-swat is signed with Red Hat redhatrelease2 key
  • samba3x-winbind is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-winbind is signed with Red Hat redhatrelease2 key
  • samba3x-winbind-devel is earlier than 0:3.3.8-0.52.el5_5
  • AND samba3x-winbind-devel is signed with Red Hat redhatrelease2 key
  • tdb-tools is earlier than 0:1.1.2-52.el5_5
  • AND tdb-tools is signed with Red Hat redhatrelease2 key
    • BACK