Описание
ELSA-2014-1009: samba4 security update (IMPORTANT)
[4.0.0-63.rc4]
- resolves: #1126011 - CVE-2014-3560: remote code execution in nmbd.
[4.0.0-62.rc4]
- resolves: #1105501 - CVE-2014-0244: DoS in nmbd.
- resolves: #1108842 - CVE-2014-3493: DoS in smbd with unicode path names.
- resolves: #1105571 - CVE-2014-0178: Uninitialized memory exposure.
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
samba4
4.0.0-63.el6_5.rc4
samba4-client
4.0.0-63.el6_5.rc4
samba4-common
4.0.0-63.el6_5.rc4
samba4-dc
4.0.0-63.el6_5.rc4
samba4-dc-libs
4.0.0-63.el6_5.rc4
samba4-devel
4.0.0-63.el6_5.rc4
samba4-libs
4.0.0-63.el6_5.rc4
samba4-pidl
4.0.0-63.el6_5.rc4
samba4-python
4.0.0-63.el6_5.rc4
samba4-swat
4.0.0-63.el6_5.rc4
samba4-test
4.0.0-63.el6_5.rc4
samba4-winbind
4.0.0-63.el6_5.rc4
samba4-winbind-clients
4.0.0-63.el6_5.rc4
samba4-winbind-krb5-locator
4.0.0-63.el6_5.rc4
Oracle Linux i686
samba4
4.0.0-63.el6_5.rc4
samba4-client
4.0.0-63.el6_5.rc4
samba4-common
4.0.0-63.el6_5.rc4
samba4-dc
4.0.0-63.el6_5.rc4
samba4-dc-libs
4.0.0-63.el6_5.rc4
samba4-devel
4.0.0-63.el6_5.rc4
samba4-libs
4.0.0-63.el6_5.rc4
samba4-pidl
4.0.0-63.el6_5.rc4
samba4-python
4.0.0-63.el6_5.rc4
samba4-swat
4.0.0-63.el6_5.rc4
samba4-test
4.0.0-63.el6_5.rc4
samba4-winbind
4.0.0-63.el6_5.rc4
samba4-winbind-clients
4.0.0-63.el6_5.rc4
samba4-winbind-krb5-locator
4.0.0-63.el6_5.rc4
Связанные CVE
Связанные уязвимости
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4 ...
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.