Upstream information

CVE-2009-0022 at MITRE

Description

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.3
Vector AV:N/AC:M/Au:S/C:C/I:N/A:N
Access Vector Network
Access Complexity Medium
Authentication Single
Confidentiality Impact Complete
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 460764 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • cifs-mount >= 3.4.3-1.17.2
  • ldapsmb >= 1.34b-11.17.2
  • libsmbclient0 >= 3.4.3-1.17.2
  • libsmbclient0-32bit >= 3.4.3-1.17.2
  • libsmbclient0-x86 >= 3.4.3-1.17.2
  • libtalloc1 >= 3.4.3-1.17.2
  • libtalloc1-32bit >= 3.4.3-1.17.2
  • libtalloc1-x86 >= 3.4.3-1.17.2
  • libtdb1 >= 3.4.3-1.17.2
  • libtdb1-32bit >= 3.4.3-1.17.2
  • libtdb1-x86 >= 3.4.3-1.17.2
  • libwbclient0 >= 3.4.3-1.17.2
  • libwbclient0-32bit >= 3.4.3-1.17.2
  • libwbclient0-x86 >= 3.4.3-1.17.2
  • samba >= 3.4.3-1.17.2
  • samba-32bit >= 3.4.3-1.17.2
  • samba-client >= 3.4.3-1.17.2
  • samba-client-32bit >= 3.4.3-1.17.2
  • samba-client-x86 >= 3.4.3-1.17.2
  • samba-krb-printing >= 3.4.3-1.17.2
  • samba-winbind >= 3.4.3-1.17.2
  • samba-winbind-32bit >= 3.4.3-1.17.2
  • samba-winbind-x86 >= 3.4.3-1.17.2
  • samba-x86 >= 3.4.3-1.17.2
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA cifs-mount
SUSE Linux Enterprise Server 11 SP2
  • cifs-utils >= 5.1-0.4.9
  • ldapsmb >= 1.34b-12.18.3
  • libldb1 >= 3.6.3-0.18.3
  • libsmbclient0 >= 3.6.3-0.18.3
  • libsmbclient0-32bit >= 3.6.3-0.18.3
  • libsmbclient0-x86 >= 3.6.3-0.18.3
  • libtalloc2 >= 3.6.3-0.18.3
  • libtalloc2-32bit >= 3.6.3-0.18.3
  • libtalloc2-x86 >= 3.6.3-0.18.3
  • libtdb1 >= 3.6.3-0.18.3
  • libtdb1-32bit >= 3.6.3-0.18.3
  • libtdb1-x86 >= 3.6.3-0.18.3
  • libtevent0 >= 3.6.3-0.18.3
  • libwbclient0 >= 3.6.3-0.18.3
  • libwbclient0-32bit >= 3.6.3-0.18.3
  • libwbclient0-x86 >= 3.6.3-0.18.3
  • samba >= 3.6.3-0.18.3
  • samba-32bit >= 3.6.3-0.18.3
  • samba-client >= 3.6.3-0.18.3
  • samba-client-32bit >= 3.6.3-0.18.3
  • samba-client-x86 >= 3.6.3-0.18.3
  • samba-krb-printing >= 3.6.3-0.18.3
  • samba-winbind >= 3.6.3-0.18.3
  • samba-winbind-32bit >= 3.6.3-0.18.3
  • samba-winbind-x86 >= 3.6.3-0.18.3
  • samba-x86 >= 3.6.3-0.18.3
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA cifs-utils
SUSE Linux Enterprise Server 11 SP2 GA ldapsmb
SUSE Linux Enterprise Server 11 SP3
  • cifs-utils >= 5.1-0.11.1
  • ldapsmb >= 1.34b-12.39.1
  • libldb1 >= 3.6.3-0.39.1
  • libsmbclient0 >= 3.6.3-0.39.1
  • libsmbclient0-32bit >= 3.6.3-0.39.1
  • libsmbclient0-x86 >= 3.6.3-0.39.1
  • libtalloc2 >= 3.6.3-0.39.1
  • libtalloc2-32bit >= 3.6.3-0.39.1
  • libtalloc2-x86 >= 3.6.3-0.39.1
  • libtdb1 >= 3.6.3-0.39.1
  • libtdb1-32bit >= 3.6.3-0.39.1
  • libtdb1-x86 >= 3.6.3-0.39.1
  • libtevent0 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.39.1
  • libwbclient0-32bit >= 3.6.3-0.39.1
  • libwbclient0-x86 >= 3.6.3-0.39.1
  • samba >= 3.6.3-0.39.1
  • samba-32bit >= 3.6.3-0.39.1
  • samba-client >= 3.6.3-0.39.1
  • samba-client-32bit >= 3.6.3-0.39.1
  • samba-client-x86 >= 3.6.3-0.39.1
  • samba-krb-printing >= 3.6.3-0.39.1
  • samba-winbind >= 3.6.3-0.39.1
  • samba-winbind-32bit >= 3.6.3-0.39.1
  • samba-winbind-x86 >= 3.6.3-0.39.1
  • samba-x86 >= 3.6.3-0.39.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA cifs-utils
SUSE Linux Enterprise Server 11 SP3 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4
  • cifs-utils >= 5.1-0.14.46
  • ldapsmb >= 1.34b-12.58.1
  • libldb1 >= 3.6.3-0.58.1
  • libsmbclient0 >= 3.6.3-0.58.1
  • libsmbclient0-32bit >= 3.6.3-0.58.1
  • libsmbclient0-x86 >= 3.6.3-0.58.1
  • libtalloc2 >= 3.6.3-0.58.1
  • libtalloc2-32bit >= 3.6.3-0.58.1
  • libtalloc2-x86 >= 3.6.3-0.58.1
  • libtdb1 >= 3.6.3-0.58.1
  • libtdb1-32bit >= 3.6.3-0.58.1
  • libtdb1-x86 >= 3.6.3-0.58.1
  • libtevent0 >= 3.6.3-0.58.1
  • libtevent0-32bit >= 3.6.3-0.58.1
  • libtevent0-x86 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.58.1
  • libwbclient0-32bit >= 3.6.3-0.58.1
  • libwbclient0-x86 >= 3.6.3-0.58.1
  • samba >= 3.6.3-0.58.1
  • samba-32bit >= 3.6.3-0.58.1
  • samba-client >= 3.6.3-0.58.1
  • samba-client-32bit >= 3.6.3-0.58.1
  • samba-client-x86 >= 3.6.3-0.58.1
  • samba-krb-printing >= 3.6.3-0.58.1
  • samba-winbind >= 3.6.3-0.58.1
  • samba-winbind-32bit >= 3.6.3-0.58.1
  • samba-winbind-x86 >= 3.6.3-0.58.1
  • samba-x86 >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA cifs-utils
SUSE Linux Enterprise Server 11 SP4 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4 GA libtevent0-x86
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libldb-devel >= 3.6.3-0.58.1
  • libnetapi-devel >= 3.6.3-0.58.1
  • libnetapi0 >= 3.6.3-0.58.1
  • libsmbclient-devel >= 3.6.3-0.58.1
  • libsmbsharemodes-devel >= 3.6.3-0.58.1
  • libsmbsharemodes0 >= 3.6.3-0.58.1
  • libtalloc-devel >= 3.6.3-0.58.1
  • libtdb-devel >= 3.6.3-0.58.1
  • libtevent-devel >= 3.6.3-0.58.1
  • libwbclient-devel >= 3.6.3-0.58.1
  • samba-devel >= 3.6.3-0.58.1
  • samba-test >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libldb-devel
openSUSE 11.0
  • samba-debuginfo >= 3.2.4-4.3
openSUSE 11.0
  • cifs-mount >= 3.2.4-4.3
  • ldapsmb >= 1.34b-195.8
  • libnetapi-devel >= 3.2.4-4.3
  • libnetapi0 >= 3.2.4-4.3
  • libsmbclient-devel >= 3.2.4-4.3
  • libsmbclient0 >= 3.2.4-4.3
  • libsmbclient0-32bit >= 3.2.4-4.3
  • libsmbclient0-64bit >= 3.2.4-4.3
  • libsmbsharemodes-devel >= 3.2.4-4.3
  • libsmbsharemodes0 >= 3.2.4-4.3
  • libtalloc-devel >= 3.2.4-4.3
  • libtalloc1 >= 3.2.4-4.3
  • libtalloc1-32bit >= 3.2.4-4.3
  • libtalloc1-64bit >= 3.2.4-4.3
  • libtdb-devel >= 3.2.4-4.3
  • libtdb1 >= 3.2.4-4.3
  • libtdb1-32bit >= 3.2.4-4.3
  • libtdb1-64bit >= 3.2.4-4.3
  • libwbclient-devel >= 3.2.4-4.3
  • libwbclient0 >= 3.2.4-4.3
  • libwbclient0-32bit >= 3.2.4-4.3
  • libwbclient0-64bit >= 3.2.4-4.3
  • samba >= 3.2.4-4.3
  • samba-32bit >= 3.2.4-4.3
  • samba-64bit >= 3.2.4-4.3
  • samba-client >= 3.2.4-4.3
  • samba-client-32bit >= 3.2.4-4.3
  • samba-client-64bit >= 3.2.4-4.3
  • samba-devel >= 3.2.4-4.3
  • samba-krb-printing >= 3.2.4-4.3
  • samba-winbind >= 3.2.4-4.3
  • samba-winbind-32bit >= 3.2.4-4.3
  • samba-winbind-64bit >= 3.2.4-4.3
openSUSE 11.1
  • cifs-mount >= 3.2.6-0.3.1
  • ldapsmb >= 1.34b-5.3.1
  • libnetapi-devel >= 3.2.6-0.3.1
  • libnetapi0 >= 3.2.6-0.3.1
  • libsmbclient-devel >= 3.2.6-0.3.1
  • libsmbclient0 >= 3.2.6-0.3.1
  • libsmbclient0-32bit >= 3.2.6-0.3.1
  • libsmbsharemodes-devel >= 3.2.6-0.3.1
  • libsmbsharemodes0 >= 3.2.6-0.3.1
  • libtalloc-devel >= 3.2.6-0.3.1
  • libtalloc1 >= 3.2.6-0.3.1
  • libtalloc1-32bit >= 3.2.6-0.3.1
  • libtdb-devel >= 3.2.6-0.3.1
  • libtdb1 >= 3.2.6-0.3.1
  • libtdb1-32bit >= 3.2.6-0.3.1
  • libwbclient-devel >= 3.2.6-0.3.1
  • libwbclient0 >= 3.2.6-0.3.1
  • libwbclient0-32bit >= 3.2.6-0.3.1
  • samba >= 3.2.6-0.3.1
  • samba-32bit >= 3.2.6-0.3.1
  • samba-client >= 3.2.6-0.3.1
  • samba-client-32bit >= 3.2.6-0.3.1
  • samba-debuginfo >= 3.2.6-0.3.1
  • samba-debugsource >= 3.2.6-0.3.1
  • samba-devel >= 3.2.6-0.3.1
  • samba-krb-printing >= 3.2.6-0.3.1
  • samba-vscan >= 0.3.6b-5.3.1
  • samba-winbind >= 3.2.6-0.3.1
  • samba-winbind-32bit >= 3.2.6-0.3.1
openSUSE 11.1
  • cifs-mount >= 3.2.6-0.3.1
  • ldapsmb >= 1.34b-5.3.1
  • libnetapi-devel >= 3.2.6-0.3.1
  • libnetapi0 >= 3.2.6-0.3.1
  • libsmbclient-devel >= 3.2.6-0.3.1
  • libsmbclient0 >= 3.2.6-0.3.1
  • libsmbclient0-32bit >= 3.2.6-0.3.1
  • libsmbclient0-64bit >= 3.2.6-0.3.1
  • libsmbsharemodes-devel >= 3.2.6-0.3.1
  • libsmbsharemodes0 >= 3.2.6-0.3.1
  • libtalloc-devel >= 3.2.6-0.3.1
  • libtalloc1 >= 3.2.6-0.3.1
  • libtalloc1-32bit >= 3.2.6-0.3.1
  • libtalloc1-64bit >= 3.2.6-0.3.1
  • libtdb-devel >= 3.2.6-0.3.1
  • libtdb1 >= 3.2.6-0.3.1
  • libtdb1-32bit >= 3.2.6-0.3.1
  • libtdb1-64bit >= 3.2.6-0.3.1
  • libwbclient-devel >= 3.2.6-0.3.1
  • libwbclient0 >= 3.2.6-0.3.1
  • libwbclient0-32bit >= 3.2.6-0.3.1
  • libwbclient0-64bit >= 3.2.6-0.3.1
  • samba >= 3.2.6-0.3.1
  • samba-32bit >= 3.2.6-0.3.1
  • samba-64bit >= 3.2.6-0.3.1
  • samba-client >= 3.2.6-0.3.1
  • samba-client-32bit >= 3.2.6-0.3.1
  • samba-client-64bit >= 3.2.6-0.3.1
  • samba-devel >= 3.2.6-0.3.1
  • samba-krb-printing >= 3.2.6-0.3.1
  • samba-vscan >= 0.3.6b-5.3.1
  • samba-winbind >= 3.2.6-0.3.1
  • samba-winbind-32bit >= 3.2.6-0.3.1
  • samba-winbind-64bit >= 3.2.6-0.3.1
openSUSE 11.1
  • keyutils-debuginfo >= 1.2-107.4
  • keyutils-debuginfo >= 1.2-107.9
  • keyutils-debugsource >= 1.2-107.4
  • keyutils-debugsource >= 1.2-107.9
  • samba-debuginfo >= 3.2.6-0.3.1
  • samba-debugsource >= 3.2.6-0.3.1
openSUSE 11.1
  • cifs-mount >= 3.2.6-0.3.1
  • keyutils >= 1.2-107.4
  • keyutils >= 1.2-107.9
  • ldapsmb >= 1.34b-5.3.1
  • libnetapi-devel >= 3.2.6-0.3.1
  • libnetapi0 >= 3.2.6-0.3.1
  • libsmbclient-devel >= 3.2.6-0.3.1
  • libsmbclient0 >= 3.2.6-0.3.1
  • libsmbclient0-32bit >= 3.2.6-0.3.1
  • libsmbclient0-64bit >= 3.2.6-0.3.1
  • libsmbsharemodes-devel >= 3.2.6-0.3.1
  • libsmbsharemodes0 >= 3.2.6-0.3.1
  • libtalloc-devel >= 3.2.6-0.3.1
  • libtalloc1 >= 3.2.6-0.3.1
  • libtalloc1-32bit >= 3.2.6-0.3.1
  • libtalloc1-64bit >= 3.2.6-0.3.1
  • libtdb-devel >= 3.2.6-0.3.1
  • libtdb1 >= 3.2.6-0.3.1
  • libtdb1-32bit >= 3.2.6-0.3.1
  • libtdb1-64bit >= 3.2.6-0.3.1
  • libwbclient-devel >= 3.2.6-0.3.1
  • libwbclient0 >= 3.2.6-0.3.1
  • libwbclient0-32bit >= 3.2.6-0.3.1
  • libwbclient0-64bit >= 3.2.6-0.3.1
  • samba >= 3.2.6-0.3.1
  • samba-32bit >= 3.2.6-0.3.1
  • samba-64bit >= 3.2.6-0.3.1
  • samba-client >= 3.2.6-0.3.1
  • samba-client-32bit >= 3.2.6-0.3.1
  • samba-client-64bit >= 3.2.6-0.3.1
  • samba-devel >= 3.2.6-0.3.1
  • samba-krb-printing >= 3.2.6-0.3.1
  • samba-vscan >= 0.3.6b-5.3.1
  • samba-winbind >= 3.2.6-0.3.1
  • samba-winbind-32bit >= 3.2.6-0.3.1
  • samba-winbind-64bit >= 3.2.6-0.3.1