SecurityTracker.com
SecurityTracker Archives

Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
(CentOS Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
SecurityTracker Alert ID:  1036453
SecurityTracker URL:  http://securitytracker.com/id/1036453
CVE Reference:   CVE-2016-2119
Date:  Jul 27 2016
Impact:   Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0.0 to 4.4.4
Description:   A vulnerability was reported in Samba. A remote user can downgrade client signing security controls on the target system.

A remote user that can conduct a man-in-the-middle attack can inject the SMB2_SESSION_FLAG_IS_GUEST or SMB2_SESSION_FLAG_IS_NULL flags into the session setup to bypass the signing that the client's configuration requires for SMB2 or SMB3 client connections, and can then impersonate the target server.

Clients that are configured to use SMB signing are affected.

Management tools (e.g., net, samba-tool, rpcclient) that use DCERPC over SMB2/3 connections are also affected.
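The client-side decision the advisory describes, as an added illustration that is not Samba's code: a minimal parser for the SessionFlags field of the SMB2 SESSION_SETUP response, and the pre-fix versus fixed handling of a guest or null session when the client configuration requires signing. The flag values are from MS-SMB2; the constructed response and the modelled decision logic are assumptions.

```python
import struct

# SessionFlags bits of the SMB2 SESSION_SETUP response (MS-SMB2 section 2.2.6).
SMB2_SESSION_FLAG_IS_GUEST = 0x0001
SMB2_SESSION_FLAG_IS_NULL = 0x0002
UNSIGNABLE = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL
SMB2_HDR_SIZE = 64


def parse_session_setup_flags(packet: bytes) -> int:
    """Return SessionFlags from an SMB2 SESSION_SETUP response.

    Body after the 64-byte header: StructureSize (2, always 9), SessionFlags (2),
    SecurityBufferOffset (2), SecurityBufferLength (2).
    """
    if len(packet) < SMB2_HDR_SIZE + 8 or packet[:4] != b"\xfeSMB":
        raise ValueError("not an SMB2 packet")
    structure_size, flags = struct.unpack_from("<HH", packet, SMB2_HDR_SIZE)
    if structure_size != 9:
        raise ValueError("malformed SESSION_SETUP response")
    return flags


def session_outcome(packet: bytes, signing_required: bool, fixed: bool) -> str:
    """Decide what a client does with the session: 'signed', 'unsigned' or 'rejected'.

    Guest and null sessions carry no session key, so they cannot be signed.
    Pre-fix (fixed=False; modelled on the advisory, not Samba's code) the client
    simply drops signing for such sessions, so a forged guest/null flag silently
    downgrades an otherwise authenticated session to an unsigned one.
    Fixed: a client that requires signing refuses any session that cannot be signed.
    """
    flags = parse_session_setup_flags(packet)
    if flags & UNSIGNABLE:
        if fixed and signing_required:
            return "rejected"
        return "unsigned"
    return "signed" if signing_required else "unsigned"


def constructed_response(session_flags: int) -> bytes:
    """Constructed sample response (not captured traffic): SMB2 header with
    Command=1 (SESSION_SETUP) and Flags=SERVER_TO_REDIR, then the body."""
    header = b"\xfeSMB" + struct.pack("<HHIHHII", 64, 0, 0, 1, 1, 1, 0)
    header = header.ljust(SMB2_HDR_SIZE, b"\x00")  # MessageId..Signature zeroed
    return header + struct.pack("<HHHH", 9, session_flags, SMB2_HDR_SIZE + 8, 0)


if __name__ == "__main__":
    for name, flags in (("authenticated", 0), ("guest", SMB2_SESSION_FLAG_IS_GUEST)):
        pkt = constructed_response(flags)
        print(name, "pre-fix:", session_outcome(pkt, True, False),
              "fixed:", session_outcome(pkt, True, True))
```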

Stefan Metzmacher of SerNet (https://samba.plus) and the Samba Team (https://www.samba.org) reported this vulnerability.

Impact:   A remote user that can conduct a man-in-the-middle attack can downgrade client signing security controls on the target system.
Solution:   CentOS has issued a fix.


Cause:   State error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6

Message History:   This archive entry is a follow-up to the message listed below.
Jul 7 2016 Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System



 Source Message Contents

Subject:  [CentOS-announce] CESA-2016:1487 Moderate CentOS 6 samba4 Security Update


CentOS Errata and Security Advisory 2016:1487 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1487.html

The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )




-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2019, SecurityGlobal.net LLC