[Pkg-samba-maint] Bug#426002: (forw) Re: Bug#426002: Bug#425680: samba: The security fix for CVE-2007-2446 broke Samba

Christian Perrier bubulle at debian.org
Mon May 28 05:24:39 UTC 2007


Sigh.

I suspect that #426002 could be another bug... or something specific
in our user's setup.

----- Forwarded message from "Jose L. Fernandez Jambrina" <j.fdez.jambrina at gr.ssr.upm.es> -----

Date: Sun, 27 May 2007 20:08:55 +0200 (CEST)
Subject: Re: Bug#426002: Bug#425680: samba: The security fix for 
     CVE-2007-2446 broke Samba
From: "Jose L. Fernandez Jambrina" <j.fdez.jambrina at gr.ssr.upm.es>
To: Christian Perrier <bubulle at debian.org>

On Sun, 27 May 2007, 7:56 am, Christian Perrier wrote:
>> Hi,
>>   I tested it with the exception of samba_3.0.24-6etch3_i386.deb because
>> it depends on libgnutls11 that doesn't exist in etch3.
>
>
> In order to test the packages anyway, you need to add a sources.list
> for sarge in /etc/apt/sources.list:
>
> #  Sarge
> deb http://ftp.debian.org/debian sarge main
>
>
> This way, you can "aptitude install libgnutls11" before installing the
> test packages and they'll work.
>

Hi,
  I tested again with samba_3.0.24-6etch3_i386.deb installed as you
proposed, with the same results.

Some users are authenticated:

c411b:~# wbinfo -a LANGROUP\\jambrina%-------
plaintext password authentication succeeded
challenge/response password authentication succeeded

Others are not:

c411b:~# wbinfo -a LANGROUP\\lmguest%--------
plaintext password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user LANGROUP\lmguest%-------- with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user LANGROUP\lmguest with challenge/response

But even in this case bad passwords are detected in some way:

c411b:~# wbinfo -a LANGROUP\\lmguest%------
plaintext password authentication failed
error code was NT_STATUS_WRONG_PASSWORD (0xc000006a)
error messsage was: Wrong Password
Could not authenticate user LANGROUP\lmguest%------ with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_WRONG_PASSWORD (0xc000006a)
error messsage was: Wrong Password
Could not authenticate user LANGROUP\lmguest with challenge/response

So as long as it affects me, the bug is not solved.

I would try version 3.0.25-1+b1 but it seems that it will take long to
have it in testing, and it seems cumbersome to move to experimental: now
I'm stable. :(




----- End forwarded message -----
