Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
(CentOS Issues Fix) Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service
SecurityTracker Alert ID:  1034953
SecurityTracker URL:  http://securitytracker.com/id/1034953
CVE Reference:   CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330
Date:  Feb 8 2016
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 4.1.22, 4.2.7, 4.3.3
Description:   Multiple vulnerabilities were reported in Samba. A remote user can access data on the target system. A remote user can consume excessive CPU resources on the target system. A remote user can cause the target system to crash. A remote user can obtain files on the target system. A remote user can obtain potentially sensitive information on the target system.

A remote user can send a specially crafted request to the target Samba LDAP server to consume excessive CPU resources on the target system and cause the LDAP server to become unresponsive [CVE-2015-3223]. Versions 4.0.0 through 4.3.2 are affected.

Thilo Uttendorfer of Linux Information Systems AG reported this vulnerability.

The smbd server does not properly verify symbolic links (symlinks). In certain situations, a remote user can access files located outside of the exported share path [CVE-2015-5252]. Versions 3.0.0 through 4.3.2 are affected.

Jan 'Yenya' Kasprzak and the Computer Systems Unit team at Faculty of Informatics, Masaryk University reported this vulnerability.

The system does not properly negotiate signing when establishing an encrypted connection. A remote user that can conduct a man-in-the-middle attack can downgrade the connection and then connect via an unsigned, unencrypted connection [CVE-2015-5296]. Versions 3.2.0 through 4.3.2 are affected.

Stefan Metzmacher of SerNet (www.sernet.com) and the Samba Team reported this vulnerability.

The vfs_shadow_copy2 module does not properly enforce access controls. A remote user without the DIRECTORY_LIST access rights can view the current snapshots [CVE-2015-5299]. Versions 3.2.0 through 4.3.2 are affected.

A remote user can send specially crafted packets to cause the LDAP server in the target Samba daemon process to return portions of heap memory [CVE-2015-5330]. Versions 4.0.0 through 4.3.2 are affected.

Douglas Bagnall of Catalyst (www.catalyst.net.nz) reported this vulnerability.

A remote authenticated non-administrative user can bypass the quota limit and create excessive accounts on the target system [CVE-2015-8467]. Versions 4.0.0 through 4.3.2 are affected.

A domain environment with Samba and Windows Active Directory Domain Controllers is affected.

Impact:   A remote user can obtain snapshot data on the target system.

A remote user can consume excessive CPU resources on the target system and cause the target LDAP service to become unresponsive.

A remote user can cause the target system to crash.

A remote user can obtain files on the target system that are located outside of the share path.

A remote user can obtain potentially sensitive information on the target system.

Solution:   CentOS has issued a fix for CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, and CVE-2015-5330.

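Two checks an administrator would run after reading this alert: is the installed samba package at or above the fixed 4.2.3-11.el7_2 build, and do RPMs fetched from a mirror match the "sha256sum  Filename" manifest published in the CentOS announcement. The script below is an added example, not code from SecurityTracker or the CentOS project; the demo file and its manifest entry at the end are constructed, and the version comparison assumes GNU sort -V (present on CentOS 7).

```shell
#!/bin/sh
# Added example: check a CentOS 7 host against the samba-4.2.3-11.el7_2 update
# and verify downloaded RPMs against a "sha256sum  Filename" manifest.

FIXED_SAMBA='4.2.3-11.el7_2'   # version-release from the advisory

# samba_is_fixed: 0 if the installed samba package is at or above FIXED_SAMBA,
# 1 if it is older, 2 if samba is not installed or rpm is unavailable.
samba_is_fixed() {
    command -v rpm >/dev/null 2>&1 || return 2
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}' samba 2>/dev/null) || return 2
    # sort -V orders RPM-style version-release strings; the lowest must be FIXED_SAMBA
    lowest=$(printf '%s\n%s\n' "$installed" "$FIXED_SAMBA" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_SAMBA" ]
}

# verify_manifest MANIFEST DIR: hash every file listed in MANIFEST (lines of
# "<sha256>  <filename>"; section headers such as "x86_64:" or "Source:" are
# skipped) and print OK / MISMATCH / MISSING per file. Returns the number of
# problems found (0 means every listed file is present and matches).
verify_manifest() {
    manifest=$1; dir=$2; bad=0
    while read -r want name; do
        # only lines whose first field is a 64-digit lowercase hex value are entries
        case "$want" in *[!0-9a-f]*) continue ;; esac
        [ ${#want} -eq 64 ] || continue
        f="$dir/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING  $name"; bad=$((bad + 1)); continue
        fi
        got=$(sha256sum "$f" | cut -d ' ' -f 1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name (expected $want, got $got)"; bad=$((bad + 1))
        fi
    done < "$manifest"
    return $bad
}

# Stand-alone demo on constructed input: a fake "RPM" whose contents are the
# line "hello" (sha256 5891b5b5...be03) and a manifest in the announcement's format.
demo_dir=$(mktemp -d)
printf 'hello\n' > "$demo_dir/samba-demo-4.2.3-11.el7_2.x86_64.rpm"
cat > "$demo_dir/manifest" <<'EOF'
x86_64:
5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03  samba-demo-4.2.3-11.el7_2.x86_64.rpm
EOF
verify_manifest "$demo_dir/manifest" "$demo_dir"
rm -rf "$demo_dir"
```

Run it on the directory holding the downloaded RPMs with the announcement text saved as the manifest; a non-zero exit means at least one file is missing or does not match and should not be installed.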

Cause:   Access control error, Resource error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Dec 18 2015 Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service



Source Message Contents

Subject:  [CentOS-announce] CESA-2016:0006 Moderate CentOS 7 samba Security Update


CentOS Errata and Security Advisory 2016:0006 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0006.html

The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )




-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2020, SecurityGlobal.net LLC