Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 8 articles for you...

Red Hat 5 ELS: RHSA-2017:1272-01 Critical: Samba3x Remote Code Execution

Red Hat Security Advisory

Synopsis: Important: samba3x security update
Advisory ID: RHSA-2017:1272-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1272
Issue date: 2017-05-24
CVE Names: CVE-2017-7494

1. Summary:
An update for samba3x is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 5 ELS) - i386, s390x, x86_64

3. Description:
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
Security Fix(es):
* A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494)
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges steelo as the original reporter.

4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258
After installing this update, the smb service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):
1450347 - CVE-2017-7494 samba: Loading shared modules from any path in the system leading to RCE

6. Package List:
Red Hat Enterprise Linux Server (v. 5 ELS):
Source: samba3x-3.6.23-14.el5_11.src.rpm
i386: samba3x-3.6.23-14.el5_11.i386.rpm samba3x-client-3.6.23-14.el5_11.i386.rpm samba3x-common-3.6.23-14.el5_11.i386.rpm samba3x-debuginfo-3.6.23-14.el5_11.i386.rpm samba3x-doc-3.6.23-14.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-14.el5_11.i386.rpm samba3x-swat-3.6.23-14.el5_11.i386.rpm samba3x-winbind-3.6.23-14.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-14.el5_11.i386.rpm
s390x: samba3x-3.6.23-14.el5_11.s390x.rpm samba3x-client-3.6.23-14.el5_11.s390x.rpm samba3x-common-3.6.23-14.el5_11.s390x.rpm samba3x-debuginfo-3.6.23-14.el5_11.s390.rpm samba3x-debuginfo-3.6.23-14.el5_11.s390x.rpm samba3x-doc-3.6.23-14.el5_11.s390x.rpm samba3x-domainjoin-gui-3.6.23-14.el5_11.s390x.rpm samba3x-swat-3.6.23-14.el5_11.s390x.rpm samba3x-winbind-3.6.23-14.el5_11.s390.rpm samba3x-winbind-3.6.23-14.el5_11.s390x.rpm samba3x-winbind-devel-3.6.23-14.el5_11.s390.rpm samba3x-winbind-devel-3.6.23-14.el5_11.s390x.rpm
x86_64: samba3x-3.6.23-14.el5_11.x86_64.rpm samba3x-client-3.6.23-14.el5_11.x86_64.rpm samba3x-common-3.6.23-14.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-14.el5_11.i386.rpm samba3x-debuginfo-3.6.23-14.el5_11.x86_64.rpm samba3x-doc-3.6.23-14.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-14.el5_11.x86_64.rpm samba3x-swat-3.6.23-14.el5_11.x86_64.rpm samba3x-winbind-3.6.23-14.el5_11.i386.rpm samba3x-winbind-3.6.23-14.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-14.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-14.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:
https://access.redhat.com/security/cve/CVE-2017-7494
https://access.redhat.com/security/updates/classification#important
https://access.redhat.com/security/vulnerabilities/27e992a5-7725-4ae8-8d91-dc3fc937552a

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact
Copyright 2017 Red Hat, Inc.

Crucial samba3x patch released for Red Hat Enterprise Linux; urgent implementation recommended to reduce vulnerabilities.
Severity: Important.
LinuxSecurity.com Team

May 24, 2017 Important Red Hat

Red Hat Enterprise Linux: RHSA-2016:0613-01 Critical Samba3x DoS Flaws

Red Hat Security Advisory

Synopsis: Critical: samba3x security update
Advisory ID: RHSA-2016:0613-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2016:0613.html
Issue date: 2016-04-12
CVE Names: CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2115 CVE-2016-2118

1. Summary:
An update for samba3x is now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64

3. Description:
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
Security Fix(es):
* Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server (high CPU load or a crash) or, possibly, execute arbitrary code with the permissions of the user running Samba (root). This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory (AD) object and compromising the security of a Samba Active Directory Domain Controller (DC). (CVE-2015-5370)
Note: While Samba packages as shipped in Red Hat Enterprise Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements.
* A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118)
* Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection. (CVE-2016-2110)
* It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111)
* It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112)
* It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)
Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Jouni Knuutinen (Synopsis) as the original reporter of CVE-2015-5370; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2016-2118, CVE-2016-2110, CVE-2016-2112, and CVE-2016-2115.

4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258
After installing this update, the smb service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):
1309987 - CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check
1311893 - CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
1311902 - CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
1311903 - CVE-2016-2112 samba: Missing downgrade detection
1312084 - CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage
1317990 - CVE-2016-2118 samba: SAMR and LSA man in the middle attacks

6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: samba3x-3.6.23-12.el5_11.src.rpm
i386: samba3x-3.6.23-12.el5_11.i386.rpm samba3x-client-3.6.23-12.el5_11.i386.rpm samba3x-common-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-doc-3.6.23-12.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.i386.rpm samba3x-swat-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm
x86_64: samba3x-3.6.23-12.el5_11.x86_64.rpm samba3x-client-3.6.23-12.el5_11.x86_64.rpm samba3x-common-3.6.23-12.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.x86_64.rpm samba3x-doc-3.6.23-12.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.x86_64.rpm samba3x-swat-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.x86_64.rpm
Red Hat Enterprise Linux Desktop Workstation (v. 5 client):
Source: samba3x-3.6.23-12.el5_11.src.rpm
i386: samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm
x86_64: samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: samba3x-3.6.23-12.el5_11.src.rpm
i386: samba3x-3.6.23-12.el5_11.i386.rpm samba3x-client-3.6.23-12.el5_11.i386.rpm samba3x-common-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-doc-3.6.23-12.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.i386.rpm samba3x-swat-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm
ia64: samba3x-3.6.23-12.el5_11.ia64.rpm samba3x-client-3.6.23-12.el5_11.ia64.rpm samba3x-common-3.6.23-12.el5_11.ia64.rpm samba3x-debuginfo-3.6.23-12.el5_11.ia64.rpm samba3x-doc-3.6.23-12.el5_11.ia64.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.ia64.rpm samba3x-swat-3.6.23-12.el5_11.ia64.rpm samba3x-winbind-3.6.23-12.el5_11.ia64.rpm samba3x-winbind-devel-3.6.23-12.el5_11.ia64.rpm
ppc: samba3x-3.6.23-12.el5_11.ppc.rpm samba3x-client-3.6.23-12.el5_11.ppc.rpm samba3x-common-3.6.23-12.el5_11.ppc.rpm samba3x-debuginfo-3.6.23-12.el5_11.ppc.rpm samba3x-debuginfo-3.6.23-12.el5_11.ppc64.rpm samba3x-doc-3.6.23-12.el5_11.ppc.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.ppc.rpm samba3x-swat-3.6.23-12.el5_11.ppc.rpm samba3x-winbind-3.6.23-12.el5_11.ppc.rpm samba3x-winbind-3.6.23-12.el5_11.ppc64.rpm samba3x-winbind-devel-3.6.23-12.el5_11.ppc.rpm samba3x-winbind-devel-3.6.23-12.el5_11.ppc64.rpm
s390x: samba3x-3.6.23-12.el5_11.s390x.rpm samba3x-client-3.6.23-12.el5_11.s390x.rpm samba3x-common-3.6.23-12.el5_11.s390x.rpm samba3x-debuginfo-3.6.23-12.el5_11.s390.rpm samba3x-debuginfo-3.6.23-12.el5_11.s390x.rpm samba3x-doc-3.6.23-12.el5_11.s390x.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.s390x.rpm samba3x-swat-3.6.23-12.el5_11.s390x.rpm samba3x-winbind-3.6.23-12.el5_11.s390.rpm samba3x-winbind-3.6.23-12.el5_11.s390x.rpm samba3x-winbind-devel-3.6.23-12.el5_11.s390.rpm samba3x-winbind-devel-3.6.23-12.el5_11.s390x.rpm
x86_64: samba3x-3.6.23-12.el5_11.x86_64.rpm samba3x-client-3.6.23-12.el5_11.x86_64.rpm samba3x-common-3.6.23-12.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.x86_64.rpm samba3x-doc-3.6.23-12.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.x86_64.rpm samba3x-swat-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:
https://access.redhat.com/security/cve/CVE-2015-5370
https://access.redhat.com/security/cve/CVE-2016-2110
https://access.redhat.com/security/cve/CVE-2016-2111
https://access.redhat.com/security/cve/CVE-2016-2112
https://access.redhat.com/security/cve/CVE-2016-2115
https://access.redhat.com/security/cve/CVE-2016-2118
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/security/vulnerabilities/badlock
https://access.redhat.com/articles/2253041
https://samba.plus
https://access.redhat.com/articles/2243351

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact
Copyright 2016 Red Hat, Inc.

Essential security patch for samba3x on Red Hat tackles various vulnerabilities, such as man-in-the-middle attacks and denial-of-service threats.
Severity: Critical.
LinuxSecurity.com Team

Apr 12, 2016 Critical Red Hat

Scientific Linux: SLSA-2016:0613-1 Critical: samba3x Denial of Service

Date: Tue, 12 Apr 2016 21:46:08 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Critical: samba3x on SL5.x i386/x86_64

Synopsis: Critical: samba3x security update
Advisory ID: SLSA-2016:0613-1
Issue Date: 2016-04-12
CVE Numbers: CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2115 CVE-2016-2118 CVE-2015-5370
--
Security Fix(es):
* Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server (high CPU load or a crash) or, possibly, execute arbitrary code with the permissions of the user running Samba (root). This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory (AD) object and compromising the security of a Samba Active Directory Domain Controller (DC). (CVE-2015-5370)
Note: While Samba packages as shipped in Scientific Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements.
* A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118)
* Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection. (CVE-2016-2110)
* It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111)
* It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112)
* It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)
--
SL5
x86_64: samba3x-3.6.23-12.el5_11.x86_64.rpm samba3x-client-3.6.23-12.el5_11.x86_64.rpm samba3x-common-3.6.23-12.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.x86_64.rpm samba3x-doc-3.6.23-12.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.x86_64.rpm samba3x-swat-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.x86_64.rpm
i386: samba3x-3.6.23-12.el5_11.i386.rpm samba3x-client-3.6.23-12.el5_11.i386.rpm samba3x-common-3.6.23-12.el5_11.i386.rpm samba3x-debuginfo-3.6.23-12.el5_11.i386.rpm samba3x-doc-3.6.23-12.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-12.el5_11.i386.rpm samba3x-swat-3.6.23-12.el5_11.i386.rpm samba3x-winbind-3.6.23-12.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm

- Scientific Linux Development Team

Important samba3x security patch resolves various vulnerabilities and delivers improvements on Scientific Linux.
Severity: Critical.
LinuxSecurity.com Team

Apr 12, 2016 Critical Scientific Linux

Red Hat 5.6 & 5.9 RHSA-2015:0253-01 Critical Samba3x Risk

Red Hat Security Advisory

Synopsis: Critical: samba3x security update
Advisory ID: RHSA-2015:0253-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0253.html
Issue date: 2015-02-23
CVE Names: CVE-2015-0240

1. Summary:
Updated samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life and Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:
Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, x86_64

3. Description:
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240)
For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1346913
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Richard van Eeden of Microsoft Vulnerability Research as the original reporter of this issue.
All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):
1191325 - CVE-2015-0240 samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

6. Package List:
Red Hat Enterprise Linux LL (v. 5.6 server):
Source: samba3x-3.5.4-0.70.el5_6.4.src.rpm
i386: samba3x-3.5.4-0.70.el5_6.4.i386.rpm samba3x-client-3.5.4-0.70.el5_6.4.i386.rpm samba3x-common-3.5.4-0.70.el5_6.4.i386.rpm samba3x-debuginfo-3.5.4-0.70.el5_6.4.i386.rpm samba3x-doc-3.5.4-0.70.el5_6.4.i386.rpm samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.i386.rpm samba3x-swat-3.5.4-0.70.el5_6.4.i386.rpm samba3x-winbind-3.5.4-0.70.el5_6.4.i386.rpm samba3x-winbind-devel-3.5.4-0.70.el5_6.4.i386.rpm
ia64: samba3x-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-client-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-common-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-debuginfo-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-doc-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-swat-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-winbind-3.5.4-0.70.el5_6.4.ia64.rpm samba3x-winbind-devel-3.5.4-0.70.el5_6.4.ia64.rpm
x86_64: samba3x-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-client-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-common-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-debuginfo-3.5.4-0.70.el5_6.4.i386.rpm samba3x-debuginfo-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-doc-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-swat-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-winbind-3.5.4-0.70.el5_6.4.i386.rpm samba3x-winbind-3.5.4-0.70.el5_6.4.x86_64.rpm samba3x-winbind-devel-3.5.4-0.70.el5_6.4.i386.rpm samba3x-winbind-devel-3.5.4-0.70.el5_6.4.x86_64.rpm
Red Hat Enterprise Linux EUS (v. 5.9 server):
Source: samba3x-3.6.6-0.131.el5_9.src.rpm
i386: samba3x-3.6.6-0.131.el5_9.i386.rpm samba3x-client-3.6.6-0.131.el5_9.i386.rpm samba3x-common-3.6.6-0.131.el5_9.i386.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.i386.rpm samba3x-doc-3.6.6-0.131.el5_9.i386.rpm samba3x-domainjoin-gui-3.6.6-0.131.el5_9.i386.rpm samba3x-swat-3.6.6-0.131.el5_9.i386.rpm samba3x-winbind-3.6.6-0.131.el5_9.i386.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.i386.rpm
ia64: samba3x-3.6.6-0.131.el5_9.ia64.rpm samba3x-client-3.6.6-0.131.el5_9.ia64.rpm samba3x-common-3.6.6-0.131.el5_9.ia64.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.ia64.rpm samba3x-doc-3.6.6-0.131.el5_9.ia64.rpm samba3x-domainjoin-gui-3.6.6-0.131.el5_9.ia64.rpm samba3x-swat-3.6.6-0.131.el5_9.ia64.rpm samba3x-winbind-3.6.6-0.131.el5_9.ia64.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.ia64.rpm
ppc: samba3x-3.6.6-0.131.el5_9.ppc.rpm samba3x-client-3.6.6-0.131.el5_9.ppc.rpm samba3x-common-3.6.6-0.131.el5_9.ppc.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.ppc.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.ppc64.rpm samba3x-doc-3.6.6-0.131.el5_9.ppc.rpm samba3x-domainjoin-gui-3.6.6-0.131.el5_9.ppc.rpm samba3x-swat-3.6.6-0.131.el5_9.ppc.rpm samba3x-winbind-3.6.6-0.131.el5_9.ppc.rpm samba3x-winbind-3.6.6-0.131.el5_9.ppc64.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.ppc.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.ppc64.rpm
s390x: samba3x-3.6.6-0.131.el5_9.s390x.rpm samba3x-client-3.6.6-0.131.el5_9.s390x.rpm samba3x-common-3.6.6-0.131.el5_9.s390x.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.s390.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.s390x.rpm samba3x-doc-3.6.6-0.131.el5_9.s390x.rpm samba3x-domainjoin-gui-3.6.6-0.131.el5_9.s390x.rpm samba3x-swat-3.6.6-0.131.el5_9.s390x.rpm samba3x-winbind-3.6.6-0.131.el5_9.s390.rpm samba3x-winbind-3.6.6-0.131.el5_9.s390x.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.s390.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.s390x.rpm
x86_64: samba3x-3.6.6-0.131.el5_9.x86_64.rpm samba3x-client-3.6.6-0.131.el5_9.x86_64.rpm samba3x-common-3.6.6-0.131.el5_9.x86_64.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.i386.rpm samba3x-debuginfo-3.6.6-0.131.el5_9.x86_64.rpm samba3x-doc-3.6.6-0.131.el5_9.x86_64.rpm samba3x-domainjoin-gui-3.6.6-0.131.el5_9.x86_64.rpm samba3x-swat-3.6.6-0.131.el5_9.x86_64.rpm samba3x-winbind-3.6.6-0.131.el5_9.i386.rpm samba3x-winbind-3.6.6-0.131.el5_9.x86_64.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.i386.rpm samba3x-winbind-devel-3.6.6-0.131.el5_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:
https://access.redhat.com/security/cve/CVE-2015-0240
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/articles/1346913

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact
Copyright 2015 Red Hat, Inc.

New samba3x updates for Red Hat address a severe vulnerability that could allow remote code execution. Immediate upgrade advised.
Severity: Critical.
LinuxSecurity.com Team

Feb 23, 2015 Critical Red Hat

Red Hat: RHSA-2015-0249-01 Critical: Samba3x Remote Code Execution

Red Hat Security Advisory

Synopsis: Critical: samba3x security update
Advisory ID: RHSA-2015:0249-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0249.html
Issue date: 2015-02-23
CVE Names: CVE-2015-0240

1. Summary:
Updated samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240)
For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1346913
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Richard van Eeden of Microsoft Vulnerability Research as the original reporter of this issue.
All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):
1191325 - CVE-2015-0240 samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: samba3x-3.6.23-9.el5_11.src.rpm
i386: samba3x-3.6.23-9.el5_11.i386.rpm samba3x-client-3.6.23-9.el5_11.i386.rpm samba3x-common-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-doc-3.6.23-9.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.i386.rpm samba3x-swat-3.6.23-9.el5_11.i386.rpm samba3x-winbind-3.6.23-9.el5_11.i386.rpm
x86_64: samba3x-3.6.23-9.el5_11.x86_64.rpm samba3x-client-3.6.23-9.el5_11.x86_64.rpm samba3x-common-3.6.23-9.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.x86_64.rpm samba3x-doc-3.6.23-9.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.x86_64.rpm samba3x-swat-3.6.23-9.el5_11.x86_64.rpm samba3x-winbind-3.6.23-9.el5_11.i386.rpm samba3x-winbind-3.6.23-9.el5_11.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: samba3x-3.6.23-9.el5_11.src.rpm
i386: samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm
x86_64: samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-9.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: samba3x-3.6.23-9.el5_11.src.rpm
i386: samba3x-3.6.23-9.el5_11.i386.rpm samba3x-client-3.6.23-9.el5_11.i386.rpm samba3x-common-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-doc-3.6.23-9.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.i386.rpm samba3x-swat-3.6.23-9.el5_11.i386.rpm samba3x-winbind-3.6.23-9.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm
ia64: samba3x-3.6.23-9.el5_11.ia64.rpm samba3x-client-3.6.23-9.el5_11.ia64.rpm samba3x-common-3.6.23-9.el5_11.ia64.rpm samba3x-debuginfo-3.6.23-9.el5_11.ia64.rpm samba3x-doc-3.6.23-9.el5_11.ia64.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.ia64.rpm samba3x-swat-3.6.23-9.el5_11.ia64.rpm samba3x-winbind-3.6.23-9.el5_11.ia64.rpm samba3x-winbind-devel-3.6.23-9.el5_11.ia64.rpm
ppc: samba3x-3.6.23-9.el5_11.ppc.rpm samba3x-client-3.6.23-9.el5_11.ppc.rpm samba3x-common-3.6.23-9.el5_11.ppc.rpm samba3x-debuginfo-3.6.23-9.el5_11.ppc.rpm samba3x-debuginfo-3.6.23-9.el5_11.ppc64.rpm samba3x-doc-3.6.23-9.el5_11.ppc.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.ppc.rpm samba3x-swat-3.6.23-9.el5_11.ppc.rpm samba3x-winbind-3.6.23-9.el5_11.ppc.rpm samba3x-winbind-3.6.23-9.el5_11.ppc64.rpm samba3x-winbind-devel-3.6.23-9.el5_11.ppc.rpm samba3x-winbind-devel-3.6.23-9.el5_11.ppc64.rpm
s390x: samba3x-3.6.23-9.el5_11.s390x.rpm samba3x-client-3.6.23-9.el5_11.s390x.rpm samba3x-common-3.6.23-9.el5_11.s390x.rpm samba3x-debuginfo-3.6.23-9.el5_11.s390.rpm samba3x-debuginfo-3.6.23-9.el5_11.s390x.rpm samba3x-doc-3.6.23-9.el5_11.s390x.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.s390x.rpm samba3x-swat-3.6.23-9.el5_11.s390x.rpm samba3x-winbind-3.6.23-9.el5_11.s390.rpm samba3x-winbind-3.6.23-9.el5_11.s390x.rpm samba3x-winbind-devel-3.6.23-9.el5_11.s390.rpm samba3x-winbind-devel-3.6.23-9.el5_11.s390x.rpm
x86_64: samba3x-3.6.23-9.el5_11.x86_64.rpm samba3x-client-3.6.23-9.el5_11.x86_64.rpm samba3x-common-3.6.23-9.el5_11.x86_64.rpm samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.x86_64.rpm samba3x-doc-3.6.23-9.el5_11.x86_64.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.x86_64.rpm samba3x-swat-3.6.23-9.el5_11.x86_64.rpm samba3x-winbind-3.6.23-9.el5_11.i386.rpm samba3x-winbind-3.6.23-9.el5_11.x86_64.rpm samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-9.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:
https://access.redhat.com/security/cve/CVE-2015-0240
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/articles/1346913

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact
Copyright 2015 Red Hat, Inc.

Essential samba3x security enhancement for Red Hat fixes a remote code execution vulnerability. Update software packages to improve security measures.
Severity: Critical.
LinuxSecurity.com Team

Feb 23, 2015 Critical Red Hat
98

Red Hat 5.6, 5.9 RHSA-2015:0253-01 Critical: samba3x Remote Code Execution

Red Hat Security Advisory

Synopsis: Critical: samba3x security update
Advisory ID: RHSA-2015:0253-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0253.html
Issue date: 2015-02-23
CVE Names: CVE-2015-0240

1. Summary:

Updated samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life and Red Hat Enterprise Linux 5.9 Extended Update Support. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240)

For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1346913

Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Richard van Eeden of Microsoft Vulnerability Research as the original reporter of this issue.

All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1191325 - CVE-2015-0240 samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

6. Package List:

Red Hat Enterprise Linux LL (v. 5.6 server):

Source:
samba3x-3.5.4-0.70.el5_6.4.src.rpm

i386:
samba3x-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-client-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-common-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-debuginfo-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-doc-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-swat-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-winbind-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-winbind-devel-3.5.4-0.70.el5_6.4.i386.rpm

ia64:
samba3x-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-client-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-common-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-debuginfo-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-doc-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-swat-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-winbind-3.5.4-0.70.el5_6.4.ia64.rpm
samba3x-winbind-devel-3.5.4-0.70.el5_6.4.ia64.rpm

x86_64:
samba3x-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-client-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-common-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-debuginfo-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-debuginfo-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-doc-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-domainjoin-gui-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-swat-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-winbind-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-winbind-3.5.4-0.70.el5_6.4.x86_64.rpm
samba3x-winbind-devel-3.5.4-0.70.el5_6.4.i386.rpm
samba3x-winbind-devel-3.5.4-0.70.el5_6.4.x86_64.rpm

Red Hat Enterprise Linux EUS (v. 5.9 server):

Source:
samba3x-3.6.6-0.131.el5_9.src.rpm

i386:
samba3x-3.6.6-0.131.el5_9.i386.rpm
samba3x-client-3.6.6-0.131.el5_9.i386.rpm
samba3x-common-3.6.6-0.131.el5_9.i386.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.i386.rpm
samba3x-doc-3.6.6-0.131.el5_9.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.131.el5_9.i386.rpm
samba3x-swat-3.6.6-0.131.el5_9.i386.rpm
samba3x-winbind-3.6.6-0.131.el5_9.i386.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.i386.rpm

ia64:
samba3x-3.6.6-0.131.el5_9.ia64.rpm
samba3x-client-3.6.6-0.131.el5_9.ia64.rpm
samba3x-common-3.6.6-0.131.el5_9.ia64.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.ia64.rpm
samba3x-doc-3.6.6-0.131.el5_9.ia64.rpm
samba3x-domainjoin-gui-3.6.6-0.131.el5_9.ia64.rpm
samba3x-swat-3.6.6-0.131.el5_9.ia64.rpm
samba3x-winbind-3.6.6-0.131.el5_9.ia64.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.ia64.rpm

ppc:
samba3x-3.6.6-0.131.el5_9.ppc.rpm
samba3x-client-3.6.6-0.131.el5_9.ppc.rpm
samba3x-common-3.6.6-0.131.el5_9.ppc.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.ppc.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.ppc64.rpm
samba3x-doc-3.6.6-0.131.el5_9.ppc.rpm
samba3x-domainjoin-gui-3.6.6-0.131.el5_9.ppc.rpm
samba3x-swat-3.6.6-0.131.el5_9.ppc.rpm
samba3x-winbind-3.6.6-0.131.el5_9.ppc.rpm
samba3x-winbind-3.6.6-0.131.el5_9.ppc64.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.ppc.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.ppc64.rpm

s390x:
samba3x-3.6.6-0.131.el5_9.s390x.rpm
samba3x-client-3.6.6-0.131.el5_9.s390x.rpm
samba3x-common-3.6.6-0.131.el5_9.s390x.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.s390.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.s390x.rpm
samba3x-doc-3.6.6-0.131.el5_9.s390x.rpm
samba3x-domainjoin-gui-3.6.6-0.131.el5_9.s390x.rpm
samba3x-swat-3.6.6-0.131.el5_9.s390x.rpm
samba3x-winbind-3.6.6-0.131.el5_9.s390.rpm
samba3x-winbind-3.6.6-0.131.el5_9.s390x.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.s390.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.s390x.rpm

x86_64:
samba3x-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-client-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-common-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.i386.rpm
samba3x-debuginfo-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-doc-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-swat-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-winbind-3.6.6-0.131.el5_9.i386.rpm
samba3x-winbind-3.6.6-0.131.el5_9.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.i386.rpm
samba3x-winbind-devel-3.6.6-0.131.el5_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-0240
https://access.redhat.com/security/updates/classification/#critical
https://access.redhat.com/articles/1346913

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.

Critical samba3x security patches for Red Hat versions 5.6 and 5.9 address a significant threat. Update now to protect your infrastructure.
Samba Update, Red Hat Enterprise Linux, Samba Netlogon Flaw, Samba Security Fix.
Severity: Critical.
LinuxSecurity.com Team

Feb 23, 2015 Critical Red Hat
98

Red Hat: RHSA-2014:0866-01 Moderate: Samba DoS Security Update

Red Hat Security Advisory

Synopsis: Moderate: samba and samba3x security update
Advisory ID: RHSA-2014:0866-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2014:0866.html
Issue date: 2014-07-09
CVE Names: CVE-2014-0244 CVE-2014-3493

1. Summary:

Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244)

It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493)

Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493.

All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1097815 - CVE-2014-0244 samba: nmbd denial of service
1108748 - CVE-2014-3493 samba: smbd unicode path names denial of service

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-3.6.6-0.140.el5_10.i386.rpm
samba3x-client-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.i386.rpm
samba3x-swat-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm

x86_64:
samba3x-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-client-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-common-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-doc-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-swat-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop Workstation (v. 5 client):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm

x86_64:
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-3.6.6-0.140.el5_10.i386.rpm
samba3x-client-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.i386.rpm
samba3x-swat-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm

ia64:
samba3x-3.6.6-0.140.el5_10.ia64.rpm
samba3x-client-3.6.6-0.140.el5_10.ia64.rpm
samba3x-common-3.6.6-0.140.el5_10.ia64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ia64.rpm
samba3x-doc-3.6.6-0.140.el5_10.ia64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.ia64.rpm
samba3x-swat-3.6.6-0.140.el5_10.ia64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ia64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ia64.rpm

ppc:
samba3x-3.6.6-0.140.el5_10.ppc.rpm
samba3x-client-3.6.6-0.140.el5_10.ppc.rpm
samba3x-common-3.6.6-0.140.el5_10.ppc.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ppc.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ppc64.rpm
samba3x-doc-3.6.6-0.140.el5_10.ppc.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.ppc.rpm
samba3x-swat-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ppc64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ppc64.rpm

s390x:
samba3x-3.6.6-0.140.el5_10.s390x.rpm
samba3x-client-3.6.6-0.140.el5_10.s390x.rpm
samba3x-common-3.6.6-0.140.el5_10.s390x.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.s390.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.s390x.rpm
samba3x-doc-3.6.6-0.140.el5_10.s390x.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.s390x.rpm
samba3x-swat-3.6.6-0.140.el5_10.s390x.rpm
samba3x-winbind-3.6.6-0.140.el5_10.s390.rpm
samba3x-winbind-3.6.6-0.140.el5_10.s390x.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.s390.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.s390x.rpm

x86_64:
samba3x-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-client-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-common-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-doc-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-swat-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

x86_64:
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

ppc64:
libsmbclient-3.6.9-169.el6_5.ppc.rpm
libsmbclient-3.6.9-169.el6_5.ppc64.rpm
samba-3.6.9-169.el6_5.ppc64.rpm
samba-client-3.6.9-169.el6_5.ppc64.rpm
samba-common-3.6.9-169.el6_5.ppc.rpm
samba-common-3.6.9-169.el6_5.ppc64.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-clients-3.6.9-169.el6_5.ppc.rpm
samba-winbind-clients-3.6.9-169.el6_5.ppc64.rpm

s390x:
libsmbclient-3.6.9-169.el6_5.s390.rpm
libsmbclient-3.6.9-169.el6_5.s390x.rpm
samba-3.6.9-169.el6_5.s390x.rpm
samba-client-3.6.9-169.el6_5.s390x.rpm
samba-common-3.6.9-169.el6_5.s390.rpm
samba-common-3.6.9-169.el6_5.s390x.rpm
samba-debuginfo-3.6.9-169.el6_5.s390.rpm
samba-debuginfo-3.6.9-169.el6_5.s390x.rpm
samba-winbind-3.6.9-169.el6_5.s390x.rpm
samba-winbind-clients-3.6.9-169.el6_5.s390.rpm
samba-winbind-clients-3.6.9-169.el6_5.s390x.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

ppc64:
libsmbclient-devel-3.6.9-169.el6_5.ppc.rpm
libsmbclient-devel-3.6.9-169.el6_5.ppc64.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc64.rpm
samba-doc-3.6.9-169.el6_5.ppc64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.ppc64.rpm
samba-swat-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-devel-3.6.9-169.el6_5.ppc.rpm
samba-winbind-devel-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.ppc64.rpm

s390x:
libsmbclient-devel-3.6.9-169.el6_5.s390.rpm
libsmbclient-devel-3.6.9-169.el6_5.s390x.rpm
samba-debuginfo-3.6.9-169.el6_5.s390.rpm
samba-debuginfo-3.6.9-169.el6_5.s390x.rpm
samba-doc-3.6.9-169.el6_5.s390x.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.s390x.rpm
samba-swat-3.6.9-169.el6_5.s390x.rpm
samba-winbind-devel-3.6.9-169.el6_5.s390.rpm
samba-winbind-devel-3.6.9-169.el6_5.s390x.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.s390x.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2014-0244
https://access.redhat.com/security/cve/CVE-2014-3493
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

Essential security patch released for samba and samba3x software to rectify severe vulnerabilities in Red Hat Enterprise Linux versions 5 and 6.
Red Hat Samba Update, Samba3x Patching, Linux Network Vulnerabilities.
LinuxSecurity.com Team

Jul 09, 2014 Red Hat
200

Scientific Linux SL5.x: SLSA-2014:0866-1 Moderate Samba Update

Moderate: samba and samba3x security update.

Date: Wed, 9 Jul 2014 18:43:07 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Moderate: samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64

Synopsis: Moderate: samba and samba3x security update
Advisory ID: SLSA-2014:0866-1
Issue Date: 2014-07-09
CVE Numbers: CVE-2014-0244 CVE-2014-3493
--

A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244)

It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493)

After installing this update, the smb service will be restarted automatically.
--

SL5

x86_64
samba3x-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-client-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-swat-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm

i386
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-3.6.6-0.140.el5_10.i386.rpm
samba3x-client-3.6.6-0.140.el5_10.i386.rpm
samba3x-swat-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm

srpm
samba3x-3.6.6-0.140.el5_10.src.rpm

noarch
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm

SL6

x86_64
samba-common-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm

srpm
samba-3.6.9-169.el6_5.src.rpm

i386
samba-common-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm

noarch
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm

- Scientific Linux Development Team

Stay informed about the recent samba and samba3x security patch that tackles denial of service vulnerabilities and crash problems in Scientific Linux.
samba security advisory, Scientific Linux update, samba3x patch.
Severity: Important.
LinuxSecurity.com Team

Jul 09, 2014 Important Scientific Linux