From owner-freebsd-security  Tue Mar 18  6:38:20 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3B0CD37B401
	for <security@freebsd.org>; Tue, 18 Mar 2003 06:38:18 -0800 (PST)
Received: from kurush.osdn.org.ua (external.osdn.org.ua [212.40.34.156])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D5C4543FB1
	for <security@freebsd.org>; Tue, 18 Mar 2003 06:38:02 -0800 (PST)
	(envelope-from never@kurush.osdn.org.ua)
Received: from kurush.osdn.org.ua (never@localhost [127.0.0.1])
	by kurush.osdn.org.ua (8.12.6/8.12.6) with ESMTP id h2IEbxDE078092
	for <security@freebsd.org>; Tue, 18 Mar 2003 16:37:59 +0200 (EET)
	(envelope-from never@kurush.osdn.org.ua)
Received: (from never@localhost)
	by kurush.osdn.org.ua (8.12.6/8.12.6/Submit) id h2IEbxkO078091
	for security@freebsd.org; Tue, 18 Mar 2003 16:37:59 +0200 (EET)
Date: Tue, 18 Mar 2003 16:37:59 +0200
From: Alexandr Kovalenko <never@nevermind.kiev.ua>
To: security@freebsd.org
Subject: Samba vulnerability
Message-ID: <20030318143759.GA77729@nevermind.kiev.ua>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
User-Agent: Mutt/1.5.1i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

http://samba.org/samba/samba.html

(14th Mar, 2003) Security Release - Samba 2.2.8

A flaw has been detected in the Samba main smbd code which could allow
an external attacker to remotely and anonymously gain Super User (root)
privileges on a server running a Samba server. This flaw exists in
previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a
serious problem and all sites should either upgrade to Samba 2.2.8
immediately or prohibit access to TCP ports 139 and 445. The Release
Notes are available on-line.

In addition to addressing this security issue, Samba 2.2.8 includes many
unrelated improvements. These improvements result from our process of
continuous quality assurance and code review, and are part of the Samba
team's committment to excellence.

-- 
NEVE-RIPE, will build world for food
Ukrainian FreeBSD User Group
http://uafug.org.ua/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message