Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 17.04 USN-3353-2 Critical: Samba Denial Of Service Threat

ubuntu
Calendar Grey July 14, 2017
Dist Ubuntu Esm H88
A critical flaw in Samba on Ubuntu enables unauthorized access to network resources. Immediate updates suggested for user protection.
Samba could allow unintended access to network services.

Summary

Samba could allow unintended access to network services.

Software Description:

- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-3353-1 fixed a vulnerability in Heimdal. This update provides

the corresponding update for Samba.

Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered

that Samba clients incorrectly trusted unauthenticated portions of

Kerberos tickets. A remote attacker could use this to impersonate

trusted network servers or perform other attacks.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  samba-libs                      2:4.5.8+dfsg-0ubuntu0.17.04.4

Ubuntu 16.10:
  samba-libs                      2:4.4.5+dfsg-2ubuntu5.8

Ubuntu 16.04 LTS:
  samba-libs                      2:4.3.11+dfsg-0ubuntu0.16.04.9

Ubuntu 14.04 LTS:
  samba-libs                      2:4.3.11+dfsg-0ubuntu0.14.04.10

In general, a standard system update will make all the necessary changes.

References

CVE-2017-11103

Severity
critical
Lowest
Low
Medium
High
Critical

July 14, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here