Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -8 articles for you...
202
security advisoryupdateDoSopenSUSE 13.1: 2016:1106-1 Important Samba DoS And MITM
An update that fixes 17 vulnerabilities is now available. An update that fixes 17 vulnerabilities is now available. An update that fixes 17 vulnerabilities is now available.. openSUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1106-1 Rating: important References: #844720 #849224 #853347 #917376 #936862 #958582 #958583 #958584 #958586 #968222 #971965 #973031 #973032 #973033 #973034 #973035 #973036 Cross-References: CVE-2012-6150 CVE-2013-4408 CVE-2013-4496 CVE-2015-0240 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2114: "server signing = mandatory" not enforced (bsc#973035). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). The openSUSE 13.1 update also upgrades to samba 4.2.4 as 4.1.x versions areno longer supported by upstream. As a side effect, libpdb0 package was replaced by libsamba-passdb0. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch 2016-490=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): ctdb-4.2.4-3.54.2 ctdb-debuginfo-4.2.4-3.54.2 ctdb-devel-4.2.4-3.54.2 ctdb-pcp-pmda-4.2.4-3.54.2 ctdb-pcp-pmda-debuginfo-4.2.4-3.54.2 ctdb-tests-4.2.4-3.54.2 ctdb-tests-debuginfo-4.2.4-3.54.2 libdcerpc-atsvc-devel-4.2.4-3.54.2 libdcerpc-atsvc0-4.2.4-3.54.2 libdcerpc-atsvc0-debuginfo-4.2.4-3.54.2 libdcerpc-binding0-4.2.4-3.54.2 libdcerpc-binding0-debuginfo-4.2.4-3.54.2 libdcerpc-devel-4.2.4-3.54.2 libdcerpc-samr-devel-4.2.4-3.54.2 libdcerpc-samr0-4.2.4-3.54.2 libdcerpc-samr0-debuginfo-4.2.4-3.54.2 libdcerpc0-4.2.4-3.54.2 libdcerpc0-debuginfo-4.2.4-3.54.2 libgensec-devel-4.2.4-3.54.2 libgensec0-4.2.4-3.54.2 libgensec0-debuginfo-4.2.4-3.54.2 libndr-devel-4.2.4-3.54.2 libndr-krb5pac-devel-4.2.4-3.54.2 libndr-krb5pac0-4.2.4-3.54.2 libndr-krb5pac0-debuginfo-4.2.4-3.54.2 libndr-nbt-devel-4.2.4-3.54.2 libndr-nbt0-4.2.4-3.54.2 libndr-nbt0-debuginfo-4.2.4-3.54.2 libndr-standard-devel-4.2.4-3.54.2 libndr-standard0-4.2.4-3.54.2 libndr-standard0-debuginfo-4.2.4-3.54.2 libndr0-4.2.4-3.54.2 libndr0-debuginfo-4.2.4-3.54.2 libnetapi-devel-4.2.4-3.54.2 libnetapi0-4.2.4-3.54.2 libnetapi0-debuginfo-4.2.4-3.54.2 libregistry-devel-4.2.4-3.54.2 libregistry0-4.2.4-3.54.2 libregistry0-debuginfo-4.2.4-3.54.2 libsamba-credentials-devel-4.2.4-3.54.2 libsamba-credentials0-4.2.4-3.54.2 libsamba-credentials0-debuginfo-4.2.4-3.54.2 libsamba-hostconfig-devel-4.2.4-3.54.2 libsamba-hostconfig0-4.2.4-3.54.2 libsamba-hostconfig0-debuginfo-4.2.4-3.54.2 libsamba-passdb-devel-4.2.4-3.54.2 libsamba-passdb0-4.2.4-3.54.2 libsamba-passdb0-debuginfo-4.2.4-3.54.2 libsamba-policy-devel-4.2.4-3.54.2 libsamba-policy0-4.2.4-3.54.2 libsamba-policy0-debuginfo-4.2.4-3.54.2 libsamba-util-devel-4.2.4-3.54.2 libsamba-util0-4.2.4-3.54.2 libsamba-util0-debuginfo-4.2.4-3.54.2 libsamdb-devel-4.2.4-3.54.2 libsamdb0-4.2.4-3.54.2 libsamdb0-debuginfo-4.2.4-3.54.2 libsmbclient-devel-4.2.4-3.54.2 libsmbclient-raw-devel-4.2.4-3.54.2 libsmbclient-raw0-4.2.4-3.54.2 libsmbclient-raw0-debuginfo-4.2.4-3.54.2 libsmbclient0-4.2.4-3.54.2 libsmbclient0-debuginfo-4.2.4-3.54.2 libsmbconf-devel-4.2.4-3.54.2 libsmbconf0-4.2.4-3.54.2 libsmbconf0-debuginfo-4.2.4-3.54.2 libsmbldap-devel-4.2.4-3.54.2 libsmbldap0-4.2.4-3.54.2 libsmbldap0-debuginfo-4.2.4-3.54.2 libtevent-util-devel-4.2.4-3.54.2 libtevent-util0-4.2.4-3.54.2 libtevent-util0-debuginfo-4.2.4-3.54.2 libwbclient-devel-4.2.4-3.54.2 libwbclient0-4.2.4-3.54.2 libwbclient0-debuginfo-4.2.4-3.54.2 samba-4.2.4-3.54.2 samba-client-4.2.4-3.54.2 samba-client-debuginfo-4.2.4-3.54.2 samba-core-devel-4.2.4-3.54.2 samba-debuginfo-4.2.4-3.54.2 samba-debugsource-4.2.4-3.54.2 samba-libs-4.2.4-3.54.2 samba-libs-debuginfo-4.2.4-3.54.2 samba-pidl-4.2.4-3.54.2 samba-python-4.2.4-3.54.2 samba-python-debuginfo-4.2.4-3.54.2 samba-test-4.2.4-3.54.2 samba-test-debuginfo-4.2.4-3.54.2 samba-test-devel-4.2.4-3.54.2 samba-winbind-4.2.4-3.54.2 samba-winbind-debuginfo-4.2.4-3.54.2 - openSUSE 13.1 (x86_64): libdcerpc-atsvc0-32bit-4.2.4-3.54.2 libdcerpc-atsvc0-debuginfo-32bit-4.2.4-3.54.2 libdcerpc-binding0-32bit-4.2.4-3.54.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-3.54.2 libdcerpc-samr0-32bit-4.2.4-3.54.2 libdcerpc-samr0-debuginfo-32bit-4.2.4-3.54.2 libdcerpc0-32bit-4.2.4-3.54.2 libdcerpc0-debuginfo-32bit-4.2.4-3.54.2 libgensec0-32bit-4.2.4-3.54.2 libgensec0-debuginfo-32bit-4.2.4-3.54.2 libndr-krb5pac0-32bit-4.2.4-3.54.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-3.54.2 libndr-nbt0-32bit-4.2.4-3.54.2 libndr-nbt0-debuginfo-32bit-4.2.4-3.54.2 libndr-standard0-32bit-4.2.4-3.54.2 libndr-standard0-debuginfo-32bit-4.2.4-3.54.2 libndr0-32bit-4.2.4-3.54.2 libndr0-debuginfo-32bit-4.2.4-3.54.2 libnetapi0-32bit-4.2.4-3.54.2 libnetapi0-debuginfo-32bit-4.2.4-3.54.2 libregistry0-32bit-4.2.4-3.54.2 libregistry0-debuginfo-32bit-4.2.4-3.54.2 libsamba-credentials0-32bit-4.2.4-3.54.2 libsamba-credentials0-debuginfo-32bit-4.2.4-3.54.2 libsamba-hostconfig0-32bit-4.2.4-3.54.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-3.54.2 libsamba-passdb0-32bit-4.2.4-3.54.2 libsamba-passdb0-debuginfo-32bit-4.2.4-3.54.2 libsamba-policy0-32bit-4.2.4-3.54.2 libsamba-policy0-debuginfo-32bit-4.2.4-3.54.2 libsamba-util0-32bit-4.2.4-3.54.2 libsamba-util0-debuginfo-32bit-4.2.4-3.54.2 libsamdb0-32bit-4.2.4-3.54.2 libsamdb0-debuginfo-32bit-4.2.4-3.54.2 libsmbclient-raw0-32bit-4.2.4-3.54.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-3.54.2 libsmbclient0-32bit-4.2.4-3.54.2 libsmbclient0-debuginfo-32bit-4.2.4-3.54.2 libsmbconf0-32bit-4.2.4-3.54.2 libsmbconf0-debuginfo-32bit-4.2.4-3.54.2 libsmbldap0-32bit-4.2.4-3.54.2 libsmbldap0-debuginfo-32bit-4.2.4-3.54.2 libtevent-util0-32bit-4.2.4-3.54.2 libtevent-util0-debuginfo-32bit-4.2.4-3.54.2 libwbclient0-32bit-4.2.4-3.54.2 libwbclient0-debuginfo-32bit-4.2.4-3.54.2 samba-32bit-4.2.4-3.54.2 samba-client-32bit-4.2.4-3.54.2 samba-client-debuginfo-32bit-4.2.4-3.54.2 samba-debuginfo-32bit-4.2.4-3.54.2 samba-libs-32bit-4.2.4-3.54.2 samba-libs-debuginfo-32bit-4.2.4-3.54.2 samba-winbind-32bit-4.2.4-3.54.2 samba-winbind-debuginfo-32bit-4.2.4-3.54.2 - openSUSE 13.1 (noarch): samba-doc-4.2.4-3.54.2 References: https://www.suse.com/security/cve/CVE-2012-6150.html https://www.suse.com/security/cve/CVE-2013-4408.html https://www.suse.com/security/cve/CVE-2013-4496.html https://www.suse.com/security/cve/CVE-2015-0240.html https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://www.suse.com/security/cve/CVE-2015-5370.html https://www.suse.com/security/cve/CVE-2015-7560.html https://www.suse.com/security/cve/CVE-2016-2110.html https://www.suse.com/security/cve/CVE-2016-2111.html https://www.suse.com/security/cve/CVE-2016-2112.html https://www.suse.com/security/cve/CVE-2016-2113.html https://www.suse.com/security/cve/CVE-2016-2114.html https://www.suse.com/security/cve/CVE-2016-2115.html https://www.suse.com/security/cve/CVE-2016-2118.html https://bugzilla.suse.com/844720 https://bugzilla.suse.com/849224 https://bugzilla.suse.com/853347 https://bugzilla.suse.com/917376 https://bugzilla.suse.com/936862 https://bugzilla.suse.com/958582 https://bugzilla.suse.com/958583 https://bugzilla.suse.com/958584 https://bugzilla.suse.com/958586 https://bugzilla.suse.com/968222 https://bugzilla.suse.com/971965 https://bugzilla.suse.com/973031 https://bugzilla.suse.com/973032 https://bugzilla.suse.com/973033 https://bugzilla.suse.com/973034 https://bugzilla.suse.com/973035 https://bugzilla.suse.com/973036 . Important security patch for Samba in openSUSE addressing multiple vulnerabilities, along with vital guidelines.. samba update, openSUSE security, samba threats, openSUSE update instructions. . Severity: Important. LinuxSecurity.com Team
Apr 20, 2016
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!