Описание
ELSA-2013-1806: samba and samba3x security update (IMPORTANT)
[3.6.9-167]
- resolves: #1018037 - Fix CVE-2013-4408.
[3.6.9-165]
- resolves: #1028086 - Fix CVE-2013-4475.
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
libsmbclient
3.6.9-167.el6_5
libsmbclient-devel
3.6.9-167.el6_5
samba
3.6.9-167.el6_5
samba-client
3.6.9-167.el6_5
samba-common
3.6.9-167.el6_5
samba-doc
3.6.9-167.el6_5
samba-domainjoin-gui
3.6.9-167.el6_5
samba-swat
3.6.9-167.el6_5
samba-winbind
3.6.9-167.el6_5
samba-winbind-clients
3.6.9-167.el6_5
samba-winbind-devel
3.6.9-167.el6_5
samba-winbind-krb5-locator
3.6.9-167.el6_5
Oracle Linux i686
libsmbclient
3.6.9-167.el6_5
libsmbclient-devel
3.6.9-167.el6_5
samba
3.6.9-167.el6_5
samba-client
3.6.9-167.el6_5
samba-common
3.6.9-167.el6_5
samba-doc
3.6.9-167.el6_5
samba-domainjoin-gui
3.6.9-167.el6_5
samba-swat
3.6.9-167.el6_5
samba-winbind
3.6.9-167.el6_5
samba-winbind-clients
3.6.9-167.el6_5
samba-winbind-devel
3.6.9-167.el6_5
samba-winbind-krb5-locator
3.6.9-167.el6_5
Oracle Linux 5
Oracle Linux ia64
samba3x
3.6.6-0.138.el5_10
samba3x-client
3.6.6-0.138.el5_10
samba3x-common
3.6.6-0.138.el5_10
samba3x-doc
3.6.6-0.138.el5_10
samba3x-domainjoin-gui
3.6.6-0.138.el5_10
samba3x-swat
3.6.6-0.138.el5_10
samba3x-winbind
3.6.6-0.138.el5_10
samba3x-winbind-devel
3.6.6-0.138.el5_10
Oracle Linux x86_64
samba3x
3.6.6-0.138.el5_10
samba3x-client
3.6.6-0.138.el5_10
samba3x-common
3.6.6-0.138.el5_10
samba3x-doc
3.6.6-0.138.el5_10
samba3x-domainjoin-gui
3.6.6-0.138.el5_10
samba3x-swat
3.6.6-0.138.el5_10
samba3x-winbind
3.6.6-0.138.el5_10
samba3x-winbind-devel
3.6.6-0.138.el5_10
Oracle Linux i386
samba3x
3.6.6-0.138.el5_10
samba3x-client
3.6.6-0.138.el5_10
samba3x-common
3.6.6-0.138.el5_10
samba3x-doc
3.6.6-0.138.el5_10
samba3x-domainjoin-gui
3.6.6-0.138.el5_10
samba3x-swat
3.6.6-0.138.el5_10
samba3x-winbind
3.6.6-0.138.el5_10
samba3x-winbind-devel
3.6.6-0.138.el5_10
Связанные CVE
Связанные уязвимости
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1. ...