Debian: DSA-3548-1: samba security update

    Date13 Apr 2016
    CategoryDebian
    66
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-3548-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                     Salvatore Bonaccorso
    April 13, 2016                        https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : samba
    CVE ID         : CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112
                     CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118
    
    Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
    print, and login server for Unix. The Common Vulnerabilities and
    Exposures project identifies the following issues:
    
    CVE-2015-5370
    
        Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC
        code which can lead to denial of service (crashes and high cpu
        consumption) and man-in-the-middle attacks.
    
    CVE-2016-2110
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that the
        feature negotiation of NTLMSSP does not protect against downgrade
        attacks.
    
    CVE-2016-2111
    
        When Samba is configured as domain controller, it allows remote
        attackers to spoof the computer name of a secure channel's endpoint,
        and obtain sensitive session information. This flaw corresponds to
        the same vulnerability as CVE-2015-0005 for Windows, discovered by
        Alberto Solino from Core Security.
    
    CVE-2016-2112
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that a
        man-in-the-middle attacker can downgrade LDAP connections to avoid
        integrity protection.
    
    CVE-2016-2113
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that
        man-in-the-middle attacks are possible for client triggered LDAP
        connections and ncacn_http connections.
    
    CVE-2016-2114
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that Samba
        does not enforce required smb signing even if explicitly configured.
    
    CVE-2016-2115
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that SMB
        connections for IPC traffic are not integrity-protected.
    
    CVE-2016-2118
    
        Stefan Metzmacher of SerNet and the Samba Team discovered that a
        man-in-the-middle attacker can intercept any DCERPC traffic between
        a client and a server in order to impersonate the client and obtain
        the same privileges as the authenticated user account.
    
    For the oldstable distribution (wheezy), these problems have been fixed
    in version 2:3.6.6-6+deb7u9. The oldstable distribution is not affected
    by CVE-2016-2113 and CVE-2016-2114.
    
    For the stable distribution (jessie), these problems have been fixed in
    version 2:4.2.10+dfsg-0+deb8u1. The issues were addressed by upgrading
    to the new upstream version 4.2.10, which includes additional changes
    and bugfixes. The depending libraries ldb, talloc, tdb and tevent
    required as well an update to new upstream versions for this update.
    
    For the unstable distribution (sid), these problems have been fixed in
    version 2:4.3.7+dfsg-1.
    
    Please refer to
    
      https://www.samba.org/samba/latest_news.html#4.4.2
      https://www.samba.org/samba/history/samba-4.2.0.html
      https://www.samba.org/samba/history/samba-4.2.10.html
    
    for further details (in particular for new options and defaults).
    
    We'd like to thank Andreas Schneider and Guenther Deschner (Red Hat),
    Stefan Metzmacher and Ralph Boehme (SerNet) and Aurelien Aptel (SUSE)
    for the massive backporting work required to support Samba 3.6 and Samba
    4.2 and Andrew Bartlett (Catalyst), Jelmer Vernooij and Mathieu Parent
    for their help in preparing updates of Samba and the underlying
    infrastructure libraries.
    
    We recommend that you upgrade your samba packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.