Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Scientific Linux 7: SLSA-2015:0252-1 Critical Samba Remote Code Execution

Scientific Large Esm H446
Critical: samba security update
Date: Mon, 23 Feb 2015 22:42:21 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Critical: samba on SL7.x x86_64
MIME-Version: 1.0

Synopsis: Critical: samba security update
Advisory ID: SLSA-2015:0252-1
Issue Date: 2015-02-23
CVE Numbers: CVE-2015-0240
--

An uninitialized pointer use flaw was found in the Samba daemon (smbd). A
malicious Samba client could send specially crafted netlogon packets that,
when processed by smbd, could potentially lead to arbitrary code execution
with the privileges of the user running smbd (by default, the root user).
(CVE-2015-0240)

After installing this update, the smb service will be restarted
automatically.
--

SL7
 x86_64
 libsmbclient-4.1.1-38.el7_0.i686.rpm
 libsmbclient-4.1.1-38.el7_0.x86_64.rpm
 libwbclient-4.1.1-38.el7_0.i686.rpm
 libwbclient-4.1.1-38.el7_0.x86_64.rpm
 samba-client-4.1.1-38.el7_0.x86_64.rpm
 samba-common-4.1.1-38.el7_0.x86_64.rpm
 samba-debuginfo-4.1.1-38.el7_0.i686.rpm
 samba-debuginfo-4.1.1-38.el7_0.x86_64.rpm
 samba-libs-4.1.1-38.el7_0.i686.rpm
 samba-libs-4.1.1-38.el7_0.x86_64.rpm
 samba-winbind-4.1.1-38.el7_0.x86_64.rpm
 samba-winbind-modules-4.1.1-38.el7_0.i686.rpm
 samba-winbind-modules-4.1.1-38.el7_0.x86_64.rpm

- Scientific Linux Development Team