SecurityTracker.com
Category:   Application (File Transfer/Sharing)  >   Samba
Vendors:   Samba.org
(CentOS Issues Fix) Samba SMB1 Use-After-Free Memory Error Lets Remote Users Execute Arbitrary Code on the Target System
SecurityTracker Alert ID:  1039976
SecurityTracker URL:  http://securitytracker.com/id/1039976
CVE Reference:   CVE-2017-14746
Date:  Dec 7 2017
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 4.0.0 and after
Description:   A vulnerability was reported in Samba. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted SMB1 requests to trigger a use-after-free memory error and execute arbitrary code on the target system. The code will run with the privileges of the target service.

Yihan Lian and Zhibin Hu of Qihoo 360 GearTeam reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   CentOS has issued a fix.

Source:
510d133515ab5e041ca4a00df1074ac2725cc6c45b573ddcbaf112959fbb1284 samba4-4.2.10-12.el6_9.src.rpm

Cause:   Access control error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6

Message History:   This archive entry is a follow-up to the message listed below.
Nov 21 2017 Samba SMB1 Use-After-Free Memory Error Lets Remote Users Execute Arbitrary Code on the Target System



 Source Message Contents

Subject:  [CentOS-announce] CESA-2017:3278 Important CentOS 6 samba4 Security Update


CentOS Errata and Security Advisory 2017:3278 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:3278

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

Source:
510d133515ab5e041ca4a00df1074ac2725cc6c45b573ddcbaf112959fbb1284  samba4-4.2.10-12.el6_9.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

Copyright 2021, SecurityGlobal.net LLC