Debian Bug report logs - #496073
samba: group_mapping.ldb created world writeable after manual deletion


Package: samba; Maintainer for samba is Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>; Source for samba is src:samba (PTS, buildd, popcon).

Reported by: Sascha Herrmann <sh_bugs@nttcable.de>

Date: Fri, 22 Aug 2008 13:57:01 UTC

Severity: important

Tags: confirmed, security, upstream

Found in version samba/2:3.2.0-4

Fixed in version samba/2:3.2.3-1

Done: Steve Langasek <vorlon@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.samba.org/show_bug.cgi?id=5715



Report forwarded to debian-bugs-dist@lists.debian.org, Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#496073; Package samba. (full text, mbox, link).


Acknowledgement sent to Sascha Herrmann <sh_bugs@nttcable.de>:
New Bug report received and forwarded. Copy sent to Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Sascha Herrmann <sh_bugs@nttcable.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: samba: group_mapping.ldb created world writeable after manual deletion
Date: Fri, 22 Aug 2008 15:54:21 +0200
Package: samba
Version: 2:3.2.0-4
Severity: normal

After removing the group_mapping.tdb file in /var/lib/samba, samba recreates
this file with the permissions set to 0666, allowing everybody with access
to the system to modify this file. I think this isn't a good idea. I removed
this file on a system I cloned from a working system because I wanted to be
sure there was no cached information of the domain the original system was
a member of.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-6-xen-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages samba depends on:
ii  adduser              3.108               add and remove users and groups
ii  debconf [debconf-2.0 1.5.22              Debian configuration management sy
ii  libacl1              2.2.47-2            Access control list shared library
ii  libattr1             1:2.4.43-1          Extended attribute shared library
ii  libc6                2.7-13              GNU C Library: Shared libraries
ii  libcomerr2           1.41.0-3            common error description library
pi  libcups2             1.3.8-1             Common UNIX Printing System(tm) - 
ii  libgnutls26          2.4.1-1             the GNU TLS library - runtime libr
ii  libkrb53             1.6.dfsg.4~beta1-3  MIT Kerberos runtime libraries
ii  libldap-2.4-2        2.4.10-3            OpenLDAP libraries
ii  libpam-modules       1.0.1-2             Pluggable Authentication Modules f
ii  libpam-runtime       1.0.1-2             Runtime support for the PAM librar
ii  libpam0g             1.0.1-2             Pluggable Authentication Modules l
ii  libpopt0             1.14-4              lib for parsing cmdline parameters
ii  libtalloc1           1.2.0~git20080616-1 hierarchical pool based memory all
ii  libwbclient0         2:3.2.0-4           client library for interfacing wit
ii  logrotate            3.7.1-3             Log rotation utility
ii  lsb-base             3.2-19              Linux Standard Base 3.2 init scrip
ii  procps               1:3.2.7-8           /proc file system utilities
ii  samba-common         2:3.2.0-4           Samba common files used by both th
ii  update-inetd         4.30+nmu1           inetd configuration file updater
ii  zlib1g               1:1.2.3.3.dfsg-12   compression library - runtime

samba recommends no packages.

Versions of packages samba suggests:
ii  openbsd-inetd [inet-superse 0.20080125-1 The OpenBSD Internet Superserver
pn  smbldap-tools               <none>       (no description available)

-- debconf information:
* samba/run_mode: daemons
  samba/tdbsam: false
* samba/generate_smbpasswd: true



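The report above describes the failure mode but not the mechanism, and the page only records that the fix changed "the default permissions on ldb databases". The following is an added example, not Samba or Debian code: it shows in Python how a database file created with an open(2) mode of 0666 becomes world-writable whenever the process umask does not mask the other-write bit (a daemon that has cleared its umask is the assumed scenario; whether that is what Samba 3.2.0 did is not stated on the page), how creating the file with an explicit 0600 is safe regardless of umask, and how to audit a directory standing in for /var/lib/samba for world-writable files. The temporary directory and the .ldb file names are constructed for the demonstration.

```python
"""Added example (not Samba code): database file creation modes and an audit
for world-writable files, in the spirit of Debian bug #496073 / CVE-2008-3789."""
import os
import stat
import tempfile


def create_db(path, mode, umask):
    """Create `path` with open(2) creation mode `mode` while the process umask is
    `umask`, restore the previous umask, and return the resulting permission bits.
    O_EXCL makes the call fail instead of silently reusing a pre-existing file."""
    old = os.umask(umask)
    try:
        fd = os.open(path, os.O_CREAT | os.O_RDWR | os.O_EXCL, mode)
        os.close(fd)
    finally:
        os.umask(old)
    return stat.S_IMODE(os.stat(path).st_mode)


def create_db_weak(path, umask=0o022):
    """The weak pattern: rely on the umask to strip write bits from 0666."""
    return create_db(path, 0o666, umask)


def create_db_hardened(path, umask=0o022):
    """The hardened pattern: ask for owner-only access explicitly."""
    return create_db(path, 0o600, umask)


def find_world_writable(directory):
    """Audit: regular files under `directory` with the other-write bit set.
    Equivalent to `find DIRECTORY -type f -perm -o+w` on a GNU system."""
    hits = []
    for root, _dirs, files in os.walk(directory):
        for name in files:
            p = os.path.join(root, name)
            st = os.lstat(p)
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IWOTH:
                hits.append(p)
    return sorted(hits)


def demo():
    """Run the three cases in a throwaway directory (a stand-in for /var/lib/samba)
    and return the observed modes plus the audit result, keyed by case."""
    with tempfile.TemporaryDirectory() as d:
        results = {
            # 0666 under umask 022 yields 0644: world-readable, not world-writable
            "weak_umask_022": create_db_weak(os.path.join(d, "a.ldb"), 0o022),
            # 0666 under umask 000 (assumed: a daemon that cleared its umask)
            # yields 0666, the permissions reported in the bug
            "weak_umask_000": create_db_weak(os.path.join(d, "b.ldb"), 0o000),
            # explicit 0600 stays 0600 even with umask 000
            "hardened_umask_000": create_db_hardened(os.path.join(d, "c.ldb"), 0o000),
        }
        results["world_writable"] = [os.path.basename(p) for p in find_world_writable(d)]
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, oct(value) if isinstance(value, int) else value)
```

On a real host the audit reduces to `find /var/lib/samba -type f -perm -o+w` run as root; after upgrading to the fixed package, existing databases are not rewritten, so any file that was created world-writable before the fix must still be corrected by hand (for example `chmod 0600` on the affected .ldb/.tdb files) and the audit re-run.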

Tags added: confirmed, upstream Request was from Steve Langasek <vorlon@debian.org> to control@bugs.debian.org. (Sun, 24 Aug 2008 00:54:02 GMT) (full text, mbox, link).


Severity set to `important' from `normal' Request was from Steve Langasek <vorlon@debian.org> to control@bugs.debian.org. (Sun, 24 Aug 2008 00:54:02 GMT) (full text, mbox, link).


Tags added: security Request was from Steve Langasek <vorlon@debian.org> to control@bugs.debian.org. (Sun, 24 Aug 2008 01:12:02 GMT) (full text, mbox, link).


Noted your statement that Bug has been forwarded to https://bugzilla.samba.org/show_bug.cgi?id=5715. Request was from Steve Langasek <vorlon@debian.org> to control@bugs.debian.org. (Sun, 24 Aug 2008 01:12:03 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#496073; Package samba. (full text, mbox, link).


Acknowledgement sent to Julien Cristau <jcristau@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (full text, mbox, link).


Message #18 received at 496073@bugs.debian.org (full text, mbox, reply):

From: Julien Cristau <jcristau@debian.org>
To: 496073@bugs.debian.org
Subject: Re: [Pkg-samba-maint] Bug#496073: samba: group_mapping.ldb created world writeable after manual deletion
Date: Tue, 26 Aug 2008 16:18:22 +0200
On Fri, Aug 22, 2008 at 15:54:21 +0200, Sascha Herrmann wrote:

> After removing the group_mapping.tdb file in /var/lib/samba, samba recreates
> this file with the permissions set to 0666, allowing everybody with access
> to the system to modify this file. I think this isn't a good idea. I removed
> this file on a system I cloned from a working system because I wanted to be
> sure there was no cached information of the domain the original system was
> a member of.
> 
This has been assigned CVE-2008-3789, FWIW.

Cheers,
Julien




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#496073; Package samba. (full text, mbox, link).


Acknowledgement sent to Thijs Kinkhorst <thijs@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (full text, mbox, link).


Message #23 received at 496073@bugs.debian.org (full text, mbox, reply):

From: Thijs Kinkhorst <thijs@debian.org>
To: 496073@bugs.debian.org
Subject: samba: CVE name assigned
Date: Tue, 26 Aug 2008 16:20:04 +0200
This is CVE-2008-3789. Please mention it in the changelog when uploading.
Perhaps someone can add it to the upstream bug, as I'm not allowed to access 
that.


Thijs

Tags added: pending Request was from vorlon@alioth.debian.org to control@bugs.debian.org. (Wed, 27 Aug 2008 07:48:06 GMT) (full text, mbox, link).


Tags added: pending Request was from vorlon@alioth.debian.org to control@bugs.debian.org. (Wed, 27 Aug 2008 18:24:03 GMT) (full text, mbox, link).


Reply sent to Steve Langasek <vorlon@debian.org>:
You have taken responsibility. (full text, mbox, link).


Notification sent to Sascha Herrmann <sh_bugs@nttcable.de>:
Bug acknowledged by developer. (full text, mbox, link).


Message #32 received at 496073-close@bugs.debian.org (full text, mbox, reply):

From: Steve Langasek <vorlon@debian.org>
To: 496073-close@bugs.debian.org
Subject: Bug#496073: fixed in samba 2:3.2.3-1
Date: Wed, 27 Aug 2008 19:32:09 +0000
Source: samba
Source-Version: 2:3.2.3-1

We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive:

libpam-smbpass_3.2.3-1_amd64.deb
  to pool/main/s/samba/libpam-smbpass_3.2.3-1_amd64.deb
libsmbclient-dev_3.2.3-1_amd64.deb
  to pool/main/s/samba/libsmbclient-dev_3.2.3-1_amd64.deb
libsmbclient_3.2.3-1_amd64.deb
  to pool/main/s/samba/libsmbclient_3.2.3-1_amd64.deb
libwbclient0_3.2.3-1_amd64.deb
  to pool/main/s/samba/libwbclient0_3.2.3-1_amd64.deb
samba-common_3.2.3-1_amd64.deb
  to pool/main/s/samba/samba-common_3.2.3-1_amd64.deb
samba-dbg_3.2.3-1_amd64.deb
  to pool/main/s/samba/samba-dbg_3.2.3-1_amd64.deb
samba-doc-pdf_3.2.3-1_all.deb
  to pool/main/s/samba/samba-doc-pdf_3.2.3-1_all.deb
samba-doc_3.2.3-1_all.deb
  to pool/main/s/samba/samba-doc_3.2.3-1_all.deb
samba-tools_3.2.3-1_amd64.deb
  to pool/main/s/samba/samba-tools_3.2.3-1_amd64.deb
samba_3.2.3-1.diff.gz
  to pool/main/s/samba/samba_3.2.3-1.diff.gz
samba_3.2.3-1.dsc
  to pool/main/s/samba/samba_3.2.3-1.dsc
samba_3.2.3-1_amd64.deb
  to pool/main/s/samba/samba_3.2.3-1_amd64.deb
samba_3.2.3.orig.tar.gz
  to pool/main/s/samba/samba_3.2.3.orig.tar.gz
smbclient_3.2.3-1_amd64.deb
  to pool/main/s/samba/smbclient_3.2.3-1_amd64.deb
smbfs_3.2.3-1_amd64.deb
  to pool/main/s/samba/smbfs_3.2.3-1_amd64.deb
swat_3.2.3-1_amd64.deb
  to pool/main/s/samba/swat_3.2.3-1_amd64.deb
winbind_3.2.3-1_amd64.deb
  to pool/main/s/samba/winbind_3.2.3-1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 496073@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steve Langasek <vorlon@debian.org> (supplier of updated samba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 27 Aug 2008 10:19:59 -0700
Source: samba
Binary: samba samba-common samba-tools smbclient swat samba-doc samba-doc-pdf smbfs libpam-smbpass libsmbclient libsmbclient-dev winbind samba-dbg libwbclient0
Architecture: source all amd64
Version: 2:3.2.3-1
Distribution: unstable
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Steve Langasek <vorlon@debian.org>
Description: 
 libpam-smbpass - pluggable authentication module for SMB/CIFS password database
 libsmbclient - shared library that allows applications to talk to SMB/CIFS serve
 libsmbclient-dev - libsmbclient static libraries and headers
 libwbclient0 - client library for interfacing with winbind service
 samba      - a LanManager-like file and printer server for Unix
 samba-common - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 samba-doc-pdf - Samba documentation (PDF format)
 samba-tools - tools provided by the Samba suite
 smbclient  - a LanManager-like simple client for Unix
 smbfs      - mount and umount commands for the smbfs (for kernels >= than 2.2.
 swat       - Samba Web Administration Tool
 winbind    - service to resolve user and group information from Windows NT ser
Closes: 491881 496073
Changes: 
 samba (2:3.2.3-1) unstable; urgency=high
 .
   * High-urgency upload for security fix
   * New upstream release
     - Fix "/usr/lib/cups/backend/smb does not try port 139 anymore by default"
       Closes: #491881
     - Fix the default permissions on ldb databases.  Addresses
       CVE-2008-3789; closes: #496073.
     - debian/rules, debian/smbfs.files: build with cifs.upcall,
       newly introduced to replace cifs.spnego
     - debian/rules: no more need to rename libsmbclient.so to
       libsmbclient.so.0, or libwbclient.so to libwbclient.so.0
 .
   [ Noèl Köthe ]
   * fixing lintian warning "build-depends-on-1-revision"
Checksums-Sha1: 
 8fab7280e167deb055e19a489f047d164f471bfb 1774 samba_3.2.3-1.dsc
 f6117a2da69d158cdcd76e27ea85801f2700450e 23704996 samba_3.2.3.orig.tar.gz
 dacc9b5c37a352ab3d3bc288ed1a91cafc0920d6 216136 samba_3.2.3-1.diff.gz
 80df837ca65e8d49afbf7c3b796004d73db9dbb2 7943980 samba-doc_3.2.3-1_all.deb
 d5971435e0ce73a80b27c76a1b3506c20e2caa22 6251740 samba-doc-pdf_3.2.3-1_all.deb
 f625d07dba5908c50284545311b2107459e308dc 4773376 samba_3.2.3-1_amd64.deb
 358e1d4655ff8ce519416b005eb1d0c11f916546 3724886 samba-common_3.2.3-1_amd64.deb
 dfa8bb2350e0553984d196cd3dc3495b8f44b9d6 5646560 samba-tools_3.2.3-1_amd64.deb
 f7c07f28e28067d4574d52b54bc7f50fb383ac91 7007790 smbclient_3.2.3-1_amd64.deb
 3bd1eb81992732e8d814826b853dc38bd69b470c 1082516 swat_3.2.3-1_amd64.deb
 987afc612a27c84352a9c6d4aa79d3d130dad1c8 1491144 smbfs_3.2.3-1_amd64.deb
 be7b5e504a9dbf0878134c796d68e78c05159e9d 626332 libpam-smbpass_3.2.3-1_amd64.deb
 26f0228418bd0c69cb1539b395adb24b0475736d 1357500 libsmbclient_3.2.3-1_amd64.deb
 952283aa4110fd1cea337b76294de5fee5906d70 1952558 libsmbclient-dev_3.2.3-1_amd64.deb
 04990e1967e3e37fcf6dbb4cb61b09e44adb8459 3275356 winbind_3.2.3-1_amd64.deb
 f213f0f3b5b11d5982be7ff41b3a56e79fe87d9c 1992298 samba-dbg_3.2.3-1_amd64.deb
 896e7c820dda20a24ddf2f46685f69c6ddfa801c 78860 libwbclient0_3.2.3-1_amd64.deb
Checksums-Sha256: 
 85fd16a58b8c69f53e519b8d696064d9b07163d09ca5f57c71c21a15feb7b36f 1774 samba_3.2.3-1.dsc
 40dfa61815b0c9f6ef9ae98ef40883cff81555467b7f11b836ce5a2f307d4c64 23704996 samba_3.2.3.orig.tar.gz
 c9fc468649ec023a7696dab199202816ee5f8799118fd6789023aaa850f523ee 216136 samba_3.2.3-1.diff.gz
 f50d87c9bd1f44e441bc8e59653b072d2d71cf564b9bc5e84942ba2b7e3b324e 7943980 samba-doc_3.2.3-1_all.deb
 eaef55704140c683292eec5415117534e54ce8d3a56742e409d9ddbae6c57091 6251740 samba-doc-pdf_3.2.3-1_all.deb
 e6f9ce145ece00e2a1123acb50b2f5d19a4dad3f60c3833ed2c7348a32ef613d 4773376 samba_3.2.3-1_amd64.deb
 7472931e938c8358d2cf609a9ed931869038a0cea344c3c6bb7b588649529212 3724886 samba-common_3.2.3-1_amd64.deb
 c1137218d4d5c2e5ef970ccb6a953bce5be9dfd63e8475bfb6f97b8c968dd128 5646560 samba-tools_3.2.3-1_amd64.deb
 aa9e5873ae9871454e10e66d8cce579931adc91c7e13e4071e0471a3e46715e1 7007790 smbclient_3.2.3-1_amd64.deb
 07551f617ec4518648265576e6f6f09b200b802d1c3a9a7a797b7b5a51453bca 1082516 swat_3.2.3-1_amd64.deb
 4ed6b64f7c4d39e4092f1727045eaba6485174eabfcc7befd3dd93952d1d12ce 1491144 smbfs_3.2.3-1_amd64.deb
 9311f8f78e036593305c6c829c5f6995da6087c52f6551f3f6f9add65b957b0d 626332 libpam-smbpass_3.2.3-1_amd64.deb
 9254da8a2ba3d478990e8dc6e64052b8361cad40f87c845e3bcf6be24b01edaa 1357500 libsmbclient_3.2.3-1_amd64.deb
 eed643ec70f8f8525015c0d43d70a2ed58d7965ea1cf2181568f965ea054f3e5 1952558 libsmbclient-dev_3.2.3-1_amd64.deb
 1a415b53fe8a475261ecd5c3b8940e35cc3f34001c8635e9d4dcafc20182dfb9 3275356 winbind_3.2.3-1_amd64.deb
 e06453ea026aa1faf170965fd8c663c3b22e303ccd723f61eb23f54d0a51c725 1992298 samba-dbg_3.2.3-1_amd64.deb
 3352fd20c148829b1d65254a75e2072f8cf28d5491cbc3374337c2ef462dca27 78860 libwbclient0_3.2.3-1_amd64.deb
Files: 
 2c39be94df39ec00cedfdc5a8d102ae3 1774 net optional samba_3.2.3-1.dsc
 c1630a57ac0ec24bc364c6d11c93ec35 23704996 net optional samba_3.2.3.orig.tar.gz
 2e85d87d4d25be557c622cb1995b3ff3 216136 net optional samba_3.2.3-1.diff.gz
 db87bf9dcb28296a1b95b139ef1b09b9 7943980 doc optional samba-doc_3.2.3-1_all.deb
 66a1ed547847dff2c9ba8d708b973917 6251740 doc optional samba-doc-pdf_3.2.3-1_all.deb
 b329f4f5f287b6212612c959a254dc14 4773376 net optional samba_3.2.3-1_amd64.deb
 df2728a8d20df1bd48baaf4efc11d469 3724886 net optional samba-common_3.2.3-1_amd64.deb
 da5eefed4bb9711e1be61ea4f27e0ece 5646560 net optional samba-tools_3.2.3-1_amd64.deb
 b8892b7569da98b88727826f92d7013b 7007790 net optional smbclient_3.2.3-1_amd64.deb
 71be9545f2d093dbda2cb3456b701440 1082516 net optional swat_3.2.3-1_amd64.deb
 b30540365a09b81210a1120df8c256e2 1491144 otherosfs optional smbfs_3.2.3-1_amd64.deb
 094f51ce91bffcce675309b8cbb0b881 626332 admin extra libpam-smbpass_3.2.3-1_amd64.deb
 aff16820177aa8fd29ae48719a20c022 1357500 libs optional libsmbclient_3.2.3-1_amd64.deb
 1b70e2288f4637ebe3abf276748c9924 1952558 libdevel extra libsmbclient-dev_3.2.3-1_amd64.deb
 7849792ee87df6cac99738657ef1dc5a 3275356 net optional winbind_3.2.3-1_amd64.deb
 bca2a00df3d22c99fe302b1bff02205d 1992298 devel extra samba-dbg_3.2.3-1_amd64.deb
 f7c28863ea5e564137fe7d030914b066 78860 libs optional libwbclient0_3.2.3-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFItZ8HKN6ufymYLloRAizfAKCCUR6FZp6ioxMfW93dgNhfixJbHACfekVF
+U50giDRJK7xSPkd08cCncQ=
=RqAb
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 28 Sep 2008 07:30:09 GMT) (full text, mbox, link).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 07:40:33 2025; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.