SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1039401
SecurityTracker URL:  http://securitytracker.com/id/1039401
CVE Reference:   CVE-2017-12150, CVE-2017-12151, CVE-2017-12163   (Links to External Site)
Date:  Sep 21 2017
Impact:   Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 4.4.16, 4.5.14, and 4.6.8
Description:   Several vulnerabilities were reported in Samba. A remote user can access data on the target system. A remote user can modify data on the target system. A remote authenticated user can obtain potentially sensitive information on the target system.

The system fails to require SMB signing in certain cases. A remote user can conduct a man-in-the-middle attack to hijack client connections and obtain potentially sensitive information [CVE-2017-12150]. Versions 3.0.25 to 4.6.7 are affected.

The client software does not properly sign and encrypt DFS redirects when the max protocol for the original connection is set as 'SMB3' [CVE-2017-12151]. Versions 4.1.0 to 4.6.7 are affected.

A remote authenticated user can send specially crafted SMB1 data to cause portions of server memory contents to be written to a file on the target Samba share or to a shared printer [CVE-2017-12163].

Yihan Lian and Zhibin Hu, security researchers with Qihoo 360 GearTeam, and Stefan Metzmacher of SerNet (https://samba.plus) reported these vulnerabilities.

Impact:   A remote user can access and modify data communicated between the client and server.

A remote authenticated user can obtain potentially sensitive information from server memory on the target system.

Solution:   The vendor has issued a fix (4.4.16, 4.5.14, 4.6.8).

The vendor advisories are available at:

https://www.samba.org/samba/security/CVE-2017-12150.html
https://www.samba.org/samba/security/CVE-2017-12151.html
https://www.samba.org/samba/security/CVE-2017-12163.html

Vendor URL:  www.samba.org/samba/security/CVE-2017-12150.html (Links to External Site)
Cause:   Access control error, Authentication error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 21 2017 (HPE Issues Fix for HPE NonStop Server) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
HPE has issued a fix for HPE NonStop Server.
Sep 21 2017 (Red Hat Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Sep 21 2017 (Red Hat Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Sep 21 2017 (Red Hat Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Sep 21 2017 (Ubuntu Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Ubuntu has issued a fix for Ubuntu Linux 14.04 LTS, 16.04 LTS, and 17.04.
Sep 22 2017 (CentOS Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
CentOS has issued a fix for CentOS 7.
Sep 22 2017 (CentOS Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
CentOS has issued a fix for CentOS 6.
Sep 26 2017 (Oracle Issues Fix for Oracle Linux) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Oracle has issued a fix for Oracle Linux 7.
Sep 28 2017 (Oracle Issues Fix for Oracle Linux) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Oracle has issued a fix for Oracle Linux 6.
Oct 4 2017 (Red Hat Issues Revised Fix for Red Hat Gluster Storage) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Red Hat has issued a revised fix for Red Hat Gluster Storage for Red Hat Enterprise Linux.
Nov 3 2017 (Ubuntu Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
Ubuntu has issued a fix for Ubuntu Linux 12.04 ESM.
Mar 14 2018 (HPE Issues Fix for HP-UX) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
HPE has issued a fix for HP-UX.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC