SecurityTracker.com

SecurityTracker Archives

Category:   Application (File Transfer/Sharing)  >   Samba
Vendors:   Samba.org
(CentOS Issues Fix) Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service
SecurityTracker Alert ID:  1034951
SecurityTracker URL:  http://securitytracker.com/id/1034951
CVE Reference:   CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330   (Links to External Site)
Date:  Feb 8 2016
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 4.1.22, 4.2.7, 4.3.3
Description:   Multiple vulnerabilities were reported in Samba. A remote user can access data on the target system. A remote user can consume excessive CPU resources on the target system. A remote user can cause the target system to crash. A remote user can obtain files on the target system. A remote user can obtain potentially sensitive information on the target system.

A remote user can send a specially crafted request to the target Samba LDAP server to consume excessive CPU resources on the target system and cause the LDAP server to become unresponsive [CVE-2015-3223]. Versions 4.0.0 through 4.3.2 are affected.

Thilo Uttendorfer of Linux Information Systems AG reported this vulnerability.

The smbd server does not properly verify symbolic links (symlinks). In certain situations, a remote user can access files located outside of the exported share path [CVE-2015-5252]. Versions 3.0.0 through 4.3.2 are affected.

Jan 'Yenya' Kasprzak and the Computer Systems Unit team at the Faculty of Informatics, Masaryk University reported this vulnerability.

The system does not properly negotiate signing when establishing an encrypted connection. A remote user that can conduct a man-in-the-middle attack can downgrade the connection and then connect via an unsigned, unencrypted connection [CVE-2015-5296]. Versions 3.2.0 through 4.3.2 are affected.

Stefan Metzmacher of SerNet (www.sernet.com) and the Samba Team reported this vulnerability.

The vfs_shadow_copy2 module does not properly enforce access controls. A remote user without DIRECTORY_LIST access rights can view the current snapshots [CVE-2015-5299]. Versions 3.2.0 through 4.3.2 are affected.

A remote user can send specially crafted packets to cause the LDAP server in the target Samba daemon process to return portions of heap memory [CVE-2015-5330]. Versions 4.0.0 through 4.3.2 are affected.

Douglas Bagnall of Catalyst (www.catalyst.net.nz) reported this vulnerability.

A remote authenticated non-administrative user can bypass the quota limit and create excessive accounts on the target system [CVE-2015-8467]. Versions 4.0.0 through 4.3.2 are affected.

A domain environment with Samba and Windows Active Directory Domain Controllers is affected.
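As an added triage example (not part of the SecurityTracker alert or the CentOS advisory), the following Python maps an upstream Samba version string to the CVEs and fixed releases listed in the description above; the affected ranges and fixed versions are taken from this page, while the parsing and comparison logic is the example's own.

```python
"""Triage helper: which Samba CVEs from this advisory apply to an upstream
Samba version, and which patch release closes them. Ranges and fixed
versions come from the advisory; the comparison logic is the example's own."""
import re
from typing import List, Optional, Tuple

# (CVE, first affected, last affected) as listed in the advisory.
ADVISORY = [
    ("CVE-2015-3223", "4.0.0", "4.3.2"),  # LDAP CPU exhaustion
    ("CVE-2015-5252", "3.0.0", "4.3.2"),  # symlink escape from share path
    ("CVE-2015-5296", "3.2.0", "4.3.2"),  # signing downgrade by MITM
    ("CVE-2015-5299", "3.2.0", "4.3.2"),  # vfs_shadow_copy2 access control
    ("CVE-2015-5330", "4.0.0", "4.3.2"),  # LDAP heap memory disclosure
    ("CVE-2015-8467", "4.0.0", "4.3.2"),  # account quota bypass
]
# Patch releases carrying the fixes, keyed by (major, minor) branch.
FIXED = {(4, 1): "4.1.22", (4, 2): "4.2.7", (4, 3): "4.3.3"}


def parse_version(text: str) -> Tuple[int, int, int]:
    """'4.3.2' -> (4, 3, 2); a trailing suffix such as 'rc1' is ignored."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised Samba version: {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def fixed_release(text: str) -> Optional[str]:
    """Patch release for this version's branch, or None when the branch
    (3.x, 4.0.x) got no patch release and must be upgraded instead."""
    major, minor, _ = parse_version(text)
    return FIXED.get((major, minor))


def affected_cves(text: str) -> List[str]:
    """CVEs from the advisory that apply to the given upstream version.

    Caveat: distributions backport fixes without bumping the upstream
    version (the fixed CentOS 6 build here is samba4-4.0.0-67.el6_7.rc4),
    so for vendor packages compare the package release, not this result.
    """
    version = parse_version(text)
    fix = fixed_release(text)
    if fix is not None and version >= parse_version(fix):
        return []  # already on a patched release of a maintained branch
    return [cve for cve, first, last in ADVISORY
            if parse_version(first) <= version <= parse_version(last)]
```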

Impact:   A remote user can obtain snapshot data on the target system.

A remote user can consume excessive CPU resources on the target system and cause the target LDAP service to become unresponsive.

A remote user can cause the target system to crash.

A remote user can obtain files on the target system that are located outside of the share path.

A remote user can obtain potentially sensitive information on the target system.

Solution:   CentOS has issued a fix for CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, and CVE-2015-5330.

Cause:   Access control error, Resource error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6

Message History:   This archive entry is a follow-up to the message listed below.
Dec 18 2015 Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service



Source Message Contents

Subject:  [CentOS-announce] CESA-2016:0010 Moderate CentOS 6 samba4 Security Update


CentOS Errata and Security Advisory 2016:0010 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0010.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
 
 



Copyright 2020, SecurityGlobal.net LLC