Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Red Hat 6: RHSA-2013:1807-01 Important: OpenSSL Security Flaw

red hat
Calendar Grey December 10, 2013
Dist Redhat Esm H88
Important samba revision tackling buffer overrun and unauthorized access issues for Red Hat Enterprise Linux. Full information provided.
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

Summary

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges. (CVE-2013-4408)
A flaw was found in the way Samba performed ACL checks on alternate file and directory data streams. An attacker able to access a CIFS share with alternate stream support enabled could access alternate data streams regardless of the underlying file or directory ACL permissions. (CVE-2013-4475)
Red Hat would like to thank the Samba project for reporting CVE-2013-4408. Upstream acknowledges Stefan Metzmacher and Michael Adam of SerNet as the original reporters of this issue.
All users of Samba are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.

Topics%20covered

Topics Covered

security advisory Red Hat buffer overflow critical samba access flaw important

References

https://access.redhat.com/security/cve/CVE-2013-4408 https://access.redhat.com/security/cve/CVE-2013-4475 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
i386: samba3x-3.6.6-0.138.el5_10.i386.rpm samba3x-client-3.6.6-0.138.el5_10.i386.rpm samba3x-common-3.6.6-0.138.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-doc-3.6.6-0.138.el5_10.i386.rpm samba3x-domainjoin-gui-3.6.6-0.138.el5_10.i386.rpm samba3x-swat-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm
x86_64: samba3x-3.6.6-0.138.el5_10.x86_64.rpm samba3x-client-3.6.6-0.138.el5_10.x86_64.rpm samba3x-common-3.6.6-0.138.el5_10.x86_64.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.x86_64.rpm samba3x-doc-3.6.6-0.138.el5_10.x86_64.rpm samba3x-domainjoin-gui-3.6.6-0.138.el5_10.x86_64.rpm samba3x-swat-3.6.6-0.138.el5_10.x86_64.rpm samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-3.6.6-0.138.el5_10.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source:
i386: samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm
x86_64: samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.x86_64.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
i386:

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2013:1806-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2013:1806.html
Issue date: 2013-12-09

Topic

Updated samba3x and samba packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 respectively.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System (CVSS) basescores, which give detailed severity ratings, are available for eachvulnerability from the CVE links in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat buffer overflow critical samba access flaw important

Relevant Releases Architectures

Red Hat Enterprise Linux HPC Node (v. 6) - x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64

Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

Bugs Fixed

1018032 - CVE-2013-4408 samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check

1024542 - CVE-2013-4475 samba: no access check verification on stream files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here