Upstream information

CVE-2008-1105 at MITRE

Description

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores (National Vulnerability Database)

Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

SUSE Bugzilla entry: 391168 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • cifs-mount >= 3.4.3-1.17.2
  • ldapsmb >= 1.34b-11.17.2
  • libsmbclient0 >= 3.4.3-1.17.2
  • libsmbclient0-32bit >= 3.4.3-1.17.2
  • libsmbclient0-x86 >= 3.4.3-1.17.2
  • libtalloc1 >= 3.4.3-1.17.2
  • libtalloc1-32bit >= 3.4.3-1.17.2
  • libtalloc1-x86 >= 3.4.3-1.17.2
  • libtdb1 >= 3.4.3-1.17.2
  • libtdb1-32bit >= 3.4.3-1.17.2
  • libtdb1-x86 >= 3.4.3-1.17.2
  • libwbclient0 >= 3.4.3-1.17.2
  • libwbclient0-32bit >= 3.4.3-1.17.2
  • libwbclient0-x86 >= 3.4.3-1.17.2
  • samba >= 3.4.3-1.17.2
  • samba-32bit >= 3.4.3-1.17.2
  • samba-client >= 3.4.3-1.17.2
  • samba-client-32bit >= 3.4.3-1.17.2
  • samba-client-x86 >= 3.4.3-1.17.2
  • samba-krb-printing >= 3.4.3-1.17.2
  • samba-winbind >= 3.4.3-1.17.2
  • samba-winbind-32bit >= 3.4.3-1.17.2
  • samba-winbind-x86 >= 3.4.3-1.17.2
  • samba-x86 >= 3.4.3-1.17.2
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA cifs-mount
SUSE Linux Enterprise Server 11 SP2
  • cifs-utils >= 5.1-0.4.9
  • ldapsmb >= 1.34b-12.18.3
  • libldb1 >= 3.6.3-0.18.3
  • libsmbclient0 >= 3.6.3-0.18.3
  • libsmbclient0-32bit >= 3.6.3-0.18.3
  • libsmbclient0-x86 >= 3.6.3-0.18.3
  • libtalloc2 >= 3.6.3-0.18.3
  • libtalloc2-32bit >= 3.6.3-0.18.3
  • libtalloc2-x86 >= 3.6.3-0.18.3
  • libtdb1 >= 3.6.3-0.18.3
  • libtdb1-32bit >= 3.6.3-0.18.3
  • libtdb1-x86 >= 3.6.3-0.18.3
  • libtevent0 >= 3.6.3-0.18.3
  • libwbclient0 >= 3.6.3-0.18.3
  • libwbclient0-32bit >= 3.6.3-0.18.3
  • libwbclient0-x86 >= 3.6.3-0.18.3
  • samba >= 3.6.3-0.18.3
  • samba-32bit >= 3.6.3-0.18.3
  • samba-client >= 3.6.3-0.18.3
  • samba-client-32bit >= 3.6.3-0.18.3
  • samba-client-x86 >= 3.6.3-0.18.3
  • samba-krb-printing >= 3.6.3-0.18.3
  • samba-winbind >= 3.6.3-0.18.3
  • samba-winbind-32bit >= 3.6.3-0.18.3
  • samba-winbind-x86 >= 3.6.3-0.18.3
  • samba-x86 >= 3.6.3-0.18.3
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA cifs-utils
SUSE Linux Enterprise Server 11 SP2 GA ldapsmb
SUSE Linux Enterprise Server 11 SP3
  • cifs-utils >= 5.1-0.11.1
  • ldapsmb >= 1.34b-12.39.1
  • libldb1 >= 3.6.3-0.39.1
  • libsmbclient0 >= 3.6.3-0.39.1
  • libsmbclient0-32bit >= 3.6.3-0.39.1
  • libsmbclient0-x86 >= 3.6.3-0.39.1
  • libtalloc2 >= 3.6.3-0.39.1
  • libtalloc2-32bit >= 3.6.3-0.39.1
  • libtalloc2-x86 >= 3.6.3-0.39.1
  • libtdb1 >= 3.6.3-0.39.1
  • libtdb1-32bit >= 3.6.3-0.39.1
  • libtdb1-x86 >= 3.6.3-0.39.1
  • libtevent0 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.39.1
  • libwbclient0-32bit >= 3.6.3-0.39.1
  • libwbclient0-x86 >= 3.6.3-0.39.1
  • samba >= 3.6.3-0.39.1
  • samba-32bit >= 3.6.3-0.39.1
  • samba-client >= 3.6.3-0.39.1
  • samba-client-32bit >= 3.6.3-0.39.1
  • samba-client-x86 >= 3.6.3-0.39.1
  • samba-krb-printing >= 3.6.3-0.39.1
  • samba-winbind >= 3.6.3-0.39.1
  • samba-winbind-32bit >= 3.6.3-0.39.1
  • samba-winbind-x86 >= 3.6.3-0.39.1
  • samba-x86 >= 3.6.3-0.39.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA cifs-utils
SUSE Linux Enterprise Server 11 SP3 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4
  • cifs-utils >= 5.1-0.14.46
  • ldapsmb >= 1.34b-12.58.1
  • libldb1 >= 3.6.3-0.58.1
  • libsmbclient0 >= 3.6.3-0.58.1
  • libsmbclient0-32bit >= 3.6.3-0.58.1
  • libsmbclient0-x86 >= 3.6.3-0.58.1
  • libtalloc2 >= 3.6.3-0.58.1
  • libtalloc2-32bit >= 3.6.3-0.58.1
  • libtalloc2-x86 >= 3.6.3-0.58.1
  • libtdb1 >= 3.6.3-0.58.1
  • libtdb1-32bit >= 3.6.3-0.58.1
  • libtdb1-x86 >= 3.6.3-0.58.1
  • libtevent0 >= 3.6.3-0.58.1
  • libtevent0-32bit >= 3.6.3-0.58.1
  • libtevent0-x86 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.58.1
  • libwbclient0-32bit >= 3.6.3-0.58.1
  • libwbclient0-x86 >= 3.6.3-0.58.1
  • samba >= 3.6.3-0.58.1
  • samba-32bit >= 3.6.3-0.58.1
  • samba-client >= 3.6.3-0.58.1
  • samba-client-32bit >= 3.6.3-0.58.1
  • samba-client-x86 >= 3.6.3-0.58.1
  • samba-krb-printing >= 3.6.3-0.58.1
  • samba-winbind >= 3.6.3-0.58.1
  • samba-winbind-32bit >= 3.6.3-0.58.1
  • samba-winbind-x86 >= 3.6.3-0.58.1
  • samba-x86 >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA cifs-utils
SUSE Linux Enterprise Server 11 SP4 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4 GA libtevent0-x86
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libldb-devel >= 3.6.3-0.58.1
  • libnetapi-devel >= 3.6.3-0.58.1
  • libnetapi0 >= 3.6.3-0.58.1
  • libsmbclient-devel >= 3.6.3-0.58.1
  • libsmbsharemodes-devel >= 3.6.3-0.58.1
  • libsmbsharemodes0 >= 3.6.3-0.58.1
  • libtalloc-devel >= 3.6.3-0.58.1
  • libtdb-devel >= 3.6.3-0.58.1
  • libtevent-devel >= 3.6.3-0.58.1
  • libwbclient-devel >= 3.6.3-0.58.1
  • samba-devel >= 3.6.3-0.58.1
  • samba-test >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libldb-devel
SUSE LINUX 10.1
  • cifs-mount >= 3.0.28-0.4.3
  • ldapsmb >= 1.34b-24.31.5
  • libmsrpc >= 3.0.28-0.4.3
  • libmsrpc-devel >= 3.0.28-0.4.3
  • libsmbclient >= 3.0.28-0.4.3
  • libsmbclient-32bit >= 3.0.28-0.4.3
  • libsmbclient-64bit >= 3.0.28-0.4.3
  • libsmbclient-devel >= 3.0.28-0.4.3
  • samba >= 3.0.28-0.4.3
  • samba-32bit >= 3.0.28-0.4.3
  • samba-64bit >= 3.0.28-0.4.3
  • samba-client >= 3.0.28-0.4.3
  • samba-client-32bit >= 3.0.28-0.4.3
  • samba-client-64bit >= 3.0.28-0.4.3
  • samba-pdb >= 3.0.28-0.4.3
  • samba-python >= 3.0.28-0.4.3
  • samba-vscan >= 0.3.6b-42.69.6
  • samba-winbind >= 3.0.28-0.4.3
  • samba-winbind-32bit >= 3.0.28-0.4.3
  • samba-winbind-64bit >= 3.0.28-0.4.3
SUSE Linux Enterprise SDK 10 SP2
  • libmsrpc >= 3.0.28-0.6
  • libmsrpc-devel >= 3.0.28-0.6
  • libsmbclient-devel >= 3.0.28-0.6
  • libsmbsharemodes >= 3.0.28-0.6
  • libsmbsharemodes-devel >= 3.0.28-0.6
  • samba-python >= 3.0.28-0.6
sles10-sp2.x86-64
core9.ia64
core9.x86-64
sles10-sp2.s390x
sles10-sp2.ia64
core9.ppc
sles10.x86-64
sles10.ppc
sles10-sp2.ppc
sles10-sp2.x86
core9.x86
sles10.ia64
core9.s390x
sles10.s390x
sles10.x86
core9.s390
ZYPP Patch Nr: 5292
Novell Linux Desktop 9 for x86
  • ldapsmb >= 1.34b-64.1.74
  • libsmbclient >= 3.0.26a-0.9
  • libsmbclient-devel >= 3.0.26a-0.9
  • samba >= 3.0.26a-0.9
  • samba-client >= 3.0.26a-0.9
  • samba-doc >= 3.0.26a-0.9
  • samba-pdb >= 3.0.26a-0.9
  • samba-python >= 3.0.26a-0.9
  • samba-vscan >= 0.3.6b-0.37
  • samba-winbind >= 3.0.26a-0.9
sles10-sp2.x86-64
core9.ia64
core9.x86-64
sles10-sp2.s390x
sles10-sp2.ia64
core9.ppc
sles10.x86-64
sles10.ppc
sles10-sp2.ppc
sles10-sp2.x86
core9.x86
sles10.ia64
core9.s390x
sles10.s390x
sles10.x86
core9.s390
ZYPP Patch Nr: 5292
Novell Linux Desktop 9 for x86_64
  • ldapsmb >= 1.34b-64.1.74
  • libsmbclient >= 3.0.26a-0.9
  • libsmbclient-32bit >= 9-200805282142
  • libsmbclient-devel >= 3.0.26a-0.9
  • samba >= 3.0.26a-0.9
  • samba-32bit >= 9-200805282142
  • samba-client >= 3.0.26a-0.9
  • samba-client-32bit >= 9-200805282142
  • samba-doc >= 3.0.26a-0.9
  • samba-pdb >= 3.0.26a-0.9
  • samba-python >= 3.0.26a-0.9
  • samba-vscan >= 0.3.6b-0.37
  • samba-winbind >= 3.0.26a-0.9
  • samba-winbind-32bit >= 9-200805282142
sles10-sp2.x86-64
core9.ia64
core9.x86-64
sles10-sp2.s390x
sles10-sp2.ia64
core9.ppc
sles10.x86-64
sles10.ppc
sles10-sp2.ppc
sles10-sp2.x86
core9.x86
sles10.ia64
core9.s390x
sles10.s390x
sles10.x86
core9.s390
ZYPP Patch Nr: 5292
Open Enterprise Server
  • libsmbclient >= 3.0.26a-0.9
  • libsmbclient-devel >= 3.0.26a-0.9
  • samba >= 3.0.26a-0.9
  • samba-client >= 3.0.26a-0.9
  • samba-doc >= 3.0.26a-0.9
  • samba-pdb >= 3.0.26a-0.9
  • samba-python >= 3.0.26a-0.9
  • samba-vscan >= 0.3.6b-0.37
  • samba-winbind >= 3.0.26a-0.9
sles10-sp2.x86-64
core9.ia64
core9.x86-64
sles10-sp2.s390x
sles10-sp2.ia64
core9.ppc
sles10.x86-64
sles10.ppc
sles10-sp2.ppc
sles10-sp2.x86
core9.x86
sles10.ia64
core9.s390x
sles10.s390x
sles10.x86
core9.s390
ZYPP Patch Nr: 5292