Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Ubuntu 17.04 USN-3296-1 Critical Samba Remote Code Execution Risk

Calendar May 24, 2017 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory samba system update critical severity ubuntu remote execution risk
Samba could be made to run programs as an administrator. 
=========================================================================Ubuntu Security Notice USN-3296-1
May 24, 2017

samba vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Samba could be made to run programs as an administrator.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

It was discovered that Samba incorrectly handled shared libraries. A remote
attacker could use this flaw to upload a shared library to a writable share
and execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  samba                           2:4.5.8+dfsg-0ubuntu0.17.04.2

Ubuntu 16.10:
  samba                           2:4.4.5+dfsg-2ubuntu5.6

Ubuntu 16.04 LTS:
  samba                           2:4.3.11+dfsg-0ubuntu0.16.04.7

Ubuntu 14.04 LTS:
  samba                           2:4.3.11+dfsg-0ubuntu0.14.04.8

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3296-1
  CVE-2017-7494

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:4.5.8+dfsg-0ubuntu0.17.04.2
  https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu5.6
  https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.7
  https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.8

Ubuntu 17.04 USN-3296-1 Critical Samba Remote Code Execution Risk

ubuntu
Calendar Grey May 24, 2017
Dist Ubuntu Esm H88
Immediate Samba security alert for Ubuntu highlights severe remote execution threats. Make sure to update your system without delay.
Samba could be made to run programs as an administrator.

Summary

Topics%20covered

Topics Covered

security advisory samba system update critical severity ubuntu remote execution risk

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: samba 2:4.5.8+dfsg-0ubuntu0.17.04.2 Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.6 Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.7 Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.8 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3296-1

CVE-2017-7494

Severity
critical
Lowest
Low
Medium
High
Critical

May 24, 2017

Topics%20covered

Topics Covered

security advisory samba system update critical severity ubuntu remote execution risk

Package Information

https://launchpad.net/ubuntu/+source/samba/2:4.5.8+dfsg-0ubuntu0.17.04.2 https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu5.6 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.7 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.8

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here