SecurityTracker.com

SecurityTracker
Archives
Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
(CentOS Issues Fix) Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1039423
SecurityTracker URL:  http://securitytracker.com/id/1039423
CVE Reference:   CVE-2017-12150, CVE-2017-12151, CVE-2017-12163
Date:  Sep 22 2017
Impact:   Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 4.4.16, 4.5.14, and 4.6.8
Description:   Several vulnerabilities were reported in Samba. A remote user positioned between a client and a server can read and modify data in transit and hijack client connections. A remote authenticated user can obtain potentially sensitive information from server memory on the target system.

Several code paths do not enforce SMB signing where the configuration says it is required, so a remote user who can intercept traffic can conduct a man-in-the-middle attack to hijack client connections and read or alter the data they carry [CVE-2017-12150]. Versions 3.0.25 to 4.6.7 are affected.

When the maximum protocol is set to 'SMB3', the client does not carry the signing and encryption requirements of the original connection over to the new connection it opens after a DFS redirect, so traffic to the redirect target may be sent unsigned and unencrypted [CVE-2017-12151]. Versions 4.1.0 to 4.6.7 are affected.

A remote authenticated user can send a specially crafted SMB1 write request that causes the server to write the contents of unrelated server memory to a file on a Samba share or to a shared printer, from which the user can then read it; exactly which bytes leak depends on the server's memory layout [CVE-2017-12163].
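The two server-side conditions behind these flaws are configurable: SMB signing has to be enforced on both the client and server side, and SMB1 (NT1) has to be refused so the SMB1-only memory-leak path cannot be reached at all. The script below is an added example, not code from the advisory or from the Samba project. It emits a hardened [global] fragment and audits an existing smb.conf for the weak values; the option names are standard Samba 4.x ones, the chosen values are this example's, and the file names and the audit function are hypothetical. Note that no configuration fixes CVE-2017-12151, which is a client bug that only the package update removes.

```shell
#!/bin/sh
# Added example, not code from the advisory or from the Samba project.
# Emits a hardened [global] fragment and audits an smb.conf for the settings
# that let a man-in-the-middle tamper with sessions (signing not required)
# or let a client reach the SMB1 code path (min protocol below SMB2).
# Assumes Samba 4.x option names. Run as: sh audit-smb.sh /etc/samba/smb.conf

# Hardened [global] fragment (values chosen for this example).
# "mandatory" is the documented spelling for required signing; Samba also
# accepts "required".
hardened_global() {
    cat <<'EOF'
[global]
    server min protocol = SMB2_02
    client min protocol = SMB2_02
    server signing = mandatory
    client signing = mandatory
    smb encrypt = desired
EOF
}

# conf_value FILE KEY: value of KEY in the [global] section, lower-cased and
# trimmed. Keys match case-insensitively, the last occurrence wins, comment
# lines (; or #) are skipped, and the result is empty if the key is unset.
conf_value() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*[;#]/ { next }
        /^[ \t]*\[/   { in_global = (tolower($0) ~ /^[ \t]*\[global\]/); next }
        in_global && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (tolower(k) == key) val = tolower(v)
        }
        END { print val }' "$1"
}

# audit_smb_conf FILE: print each weak setting; exit status 0 only if none.
# Only explicit settings are inspected, so an unset key is reported as weak;
# "testparm -v" shows the effective compiled-in default for comparison.
audit_smb_conf() {
    conf="$1"; rc=0
    for side in server client; do
        sig=$(conf_value "$conf" "$side signing")
        case "$sig" in
            mandatory|required) ;;
            *) echo "WEAK: '$side signing' is '${sig:-unset}' (want mandatory)"; rc=1 ;;
        esac
        proto=$(conf_value "$conf" "$side min protocol")
        case "$proto" in
            smb2*|smb3*) ;;
            *) echo "WEAK: '$side min protocol' is '${proto:-unset}', SMB1 still accepted"; rc=1 ;;
        esac
    done
    return $rc
}

if [ $# -gt 0 ]; then
    audit_smb_conf "$1"
fi
```

After editing smb.conf, `testparm -s` validates the file and prints the settings smbd will actually load. For an end-to-end check from a client host, smbclient's `--signing=required` and `-m SMB3` options make a listing attempt fail against a server that will not sign the session, which is the behaviour the fixed client tools are meant to guarantee.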

Yihan Lian and Zhibin Hu, security researchers with Qihoo 360 GearTeam, and Stefan Metzmacher of SerNet (https://samba.plus) reported these vulnerabilities.

Impact:   A remote user with a man-in-the-middle position can read and modify data exchanged between the client and the server and hijack client connections.

A remote authenticated user can obtain potentially sensitive information from server memory on the target system.

Solution:   CentOS has issued a fix (CESA-2017:2790). The updated packages are samba 4.6.2-11.el7_4 for CentOS 7; the package list with SHA-256 checksums appears in the source message below.


Cause:   Access control error, Authentication error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7
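Two checks a CentOS 7 administrator would run after reading the advisory: whether the installed samba is at or past the fixed build, and whether RPMs pulled from a mirror match the published SHA-256 sums. The script below is an added example, not part of the CentOS announcement. It assumes GNU coreutils (`sort -V`, `sha256sum`) and `rpm`, as found on CentOS 7; the version comparison uses `sort -V` as an approximation of rpm's ordering and ignores epochs, which is adequate for el7 samba packages, and the function names are this example's.

```shell
#!/bin/sh
# Added example, not part of the CentOS announcement or of Samba.
# Checks the installed samba against the fixed build from CESA-2017:2790 and
# verifies downloaded RPMs against a "<sha256>  <filename>" list such as the
# one in the announcement. Assumes GNU coreutils and rpm (CentOS 7).

FIXED_EVR="4.6.2-11.el7_4"

# version_at_least HAVE WANT: true if HAVE sorts at or after WANT.
# sort -V approximates rpm version ordering; epochs are ignored (assumption:
# fine for el7 samba, which carries none).
version_at_least() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# installed_evr PKG: VERSION-RELEASE of an installed package, empty if absent.
# rpm prints "package X is not installed" on stdout, so that line is dropped.
installed_evr() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$1" 2>/dev/null | grep -v 'not installed' || true
}

# check_samba_fixed: 0 if fixed, 1 if vulnerable, 2 if samba is not installed.
check_samba_fixed() {
    have=$(installed_evr samba)
    if [ -z "$have" ]; then
        echo "samba: not installed"; return 2
    fi
    if version_at_least "$have" "$FIXED_EVR"; then
        echo "samba-$have: fixed (>= $FIXED_EVR)"; return 0
    fi
    echo "samba-$have: VULNERABLE, update to $FIXED_EVR"; return 1
}

# verify_rpms SUMFILE DIR: compare every file listed in SUMFILE that exists
# in DIR against its published sum. Missing files are reported and skipped;
# any mismatch makes the function fail.
verify_rpms() {
    sums="$1"; dir="$2"; rc=0
    while read -r sum name; do
        [ -n "$name" ] || continue
        if [ ! -f "$dir/$name" ]; then
            echo "missing: $name"; continue
        fi
        actual=$(sha256sum "$dir/$name" | cut -d' ' -f1)
        if [ "$actual" = "$sum" ]; then
            echo "ok: $name"
        else
            echo "MISMATCH: $name"; rc=1
        fi
    done < "$sums"
    return $rc
}

# Usage: sh check-cesa-2017-2790.sh [SUMFILE DIR]
if [ $# -eq 2 ]; then
    check_samba_fixed || true
    verify_rpms "$1" "$2"
fi
```

The sum list can be built by pasting the announcement's `x86_64:` block into a file; `sha256sum -c` accepts the same format directly, but the function above additionally reports files not yet downloaded instead of failing on them. Run `yum update samba` (or `yum update` for the whole host) and re-run `check_samba_fixed` to confirm the new build is active; smbd must be restarted for the fix to take effect.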

Message History:   This archive entry is a follow-up to the message listed below.
Sep 21 2017 Samba Multiple Flaws Let Remote Users Hijack Connections and Remote Authenticated Users Obtain Potentially Sensitive Information



 Source Message Contents

Subject:  [CentOS-announce] CESA-2017:2790 Moderate CentOS 7 samba Security Update


CentOS Errata and Security Advisory 2017:2790 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2790

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
caba3f119d5cba32ffe42a769b47aa29f5c3918b2700ce283bc5dcdf56d00a8d  ctdb-4.6.2-11.el7_4.x86_64.rpm
a9700b09956c3485efa48b9b72f30dd7986958d4882f7edff777e1c7d8b0e6df  ctdb-tests-4.6.2-11.el7_4.x86_64.rpm
c92bc7ea68e289579679bada2a31f9ac1ce8bde5956563614eef91dd84375107  libsmbclient-4.6.2-11.el7_4.i686.rpm
3d38741a74f33d2db9c2d60d304c34a903ceafdb67899f905ce6a823007752b3  libsmbclient-4.6.2-11.el7_4.x86_64.rpm
9343afcf2c447a68bb2bff445884b54466ccdb510614ce064ae0de3756b18666  libsmbclient-devel-4.6.2-11.el7_4.i686.rpm
a537f6b0386e918eca30418025f50dc3927c738edeff4136a5c2ae6e715fee0a  libsmbclient-devel-4.6.2-11.el7_4.x86_64.rpm
7e5bc4580705aa15d99932b7c3f240d26a26ea19642ca167269cc9074862a28c  libwbclient-4.6.2-11.el7_4.i686.rpm
50c946607f828ac721ac48be15992e9065de14312035cb2cb46036f6163e6404  libwbclient-4.6.2-11.el7_4.x86_64.rpm
6e6da2088bc3c3d27da2a96018b37b22f8b16fd9743fe820285ce20aab677dd7  libwbclient-devel-4.6.2-11.el7_4.i686.rpm
51e0edf6e01407e2bc2f9497cafd701024db85f9181b14984a950360b94a9e16  libwbclient-devel-4.6.2-11.el7_4.x86_64.rpm
ba47b501512978d111761ff19dab144507c97062c936373b303c83a0a7cbe4c9  samba-4.6.2-11.el7_4.x86_64.rpm
1ea2818d608caebd3aab9d9fc4dc41617c15b608ab7bac79fc342730588bd9b5  samba-client-4.6.2-11.el7_4.x86_64.rpm
6a64a3576fc40d1dc3f827bd20153491e2fdcf15dd3362e817d032c7432fc51b  samba-client-libs-4.6.2-11.el7_4.i686.rpm
b218c017ffb84660bcf327f47a504c44ee042527f609ef1a43b8354d1a5116de  samba-client-libs-4.6.2-11.el7_4.x86_64.rpm
c4422f65f1fe3716b765170afa36e4250fc3637421a3bfa3fb4c5a32b5727873  samba-common-4.6.2-11.el7_4.noarch.rpm
856e39494bb2207b6100ada647419c378b578f5e51882c64da3b3caf2224a6c0  samba-common-libs-4.6.2-11.el7_4.x86_64.rpm
ce205fac1766b8e47a6e0650a89806192b3ad4bc2660bced20ae0be9d92e2fb3  samba-common-tools-4.6.2-11.el7_4.x86_64.rpm
6d9ee1bc0fe413822f48daf29b9512dac4eddc146983637fbaa077f5f4280b86  samba-dc-4.6.2-11.el7_4.x86_64.rpm
2fa6a2ec3f02c6417dfaea930ad80e51b7675765610338d60d1bc5bc41c9e9ce  samba-dc-libs-4.6.2-11.el7_4.x86_64.rpm
1ca2778392b20854f7393a708236b9f540de48858317453c4c2b604b9bc94fec  samba-devel-4.6.2-11.el7_4.i686.rpm
08b878ef5c4aeaa5cbb12daf99c6fefe39df84b17fa5b94353ca7a7de7143bf5  samba-devel-4.6.2-11.el7_4.x86_64.rpm
c3e27385cecd6b7d78c38ae7fbb3693e547f0c4db7bae05b39ab8e6defbbb262  samba-krb5-printing-4.6.2-11.el7_4.x86_64.rpm
12841d68047b9038e53e21566b6ab00f9cdf8f8fd94e81c012a9376f62bc8999  samba-libs-4.6.2-11.el7_4.i686.rpm
1a04433b8a39dd670c149ecf0e0f83a39c3c0fb7d8bb9133a56fa1b2adf2f998  samba-libs-4.6.2-11.el7_4.x86_64.rpm
7ce137a14fb0b3bd7063a71630590dede4134c7e9197a4aa6e7f01af09f33bfb  samba-pidl-4.6.2-11.el7_4.noarch.rpm
36ba02cfff0c5d04a576c645add308bce2ac730c4f10847eba52802f831ae0c6  samba-python-4.6.2-11.el7_4.x86_64.rpm
a4c456ba9f710f08a73a57acf0aaaf0dfb89c1d4c90ad7c18803936535a7a92d  samba-test-4.6.2-11.el7_4.x86_64.rpm
b5c80a2c3bed6d70f7a97bf37aa5c8c4de1f05b039e29ad9da14bc3a6be16345  samba-test-libs-4.6.2-11.el7_4.i686.rpm
c73694995c0304dc02a6f6f7e84a6dae9faab941d83db8d9c268f073674775c7  samba-test-libs-4.6.2-11.el7_4.x86_64.rpm
762977f43d1bd19a0f21ca76748038a4139ed8f83a080dac98773f6c74273276  samba-vfs-glusterfs-4.6.2-11.el7_4.x86_64.rpm
f1551403f32e0e488f4ad71de0ea2ee50c53509851c41e33ed5ea310dcf82328  samba-winbind-4.6.2-11.el7_4.x86_64.rpm
c421ddee28dfb0c03ca00682a6609379615c856128558143a50fddf1c20d3565  samba-winbind-clients-4.6.2-11.el7_4.x86_64.rpm
842a4154f78bd7fd123ea3a463f0e3f7a72ffefd3147377b715b02fc73fcc113  samba-winbind-krb5-locator-4.6.2-11.el7_4.x86_64.rpm
aa6e74223be5ce46d48e9e279fc49bc4b01b7faae114b5a862db98876270bbc1  samba-winbind-modules-4.6.2-11.el7_4.i686.rpm
034e2a59161d188fb0f023a05d8ccd8815908fd83a1806c24c907b90c0dba62c  samba-winbind-modules-4.6.2-11.el7_4.x86_64.rpm

Source:
f3c3cdfa0bd76ab38a298bf0f4f5a2e9e727312f23e1d010c95dc924c54a6057  samba-4.6.2-11.el7_4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

Copyright 2019, SecurityGlobal.net LLC