ELSA-2016-0449

Опубликовано: 15 мар. 2016

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2016-0449: samba4 security update (MODERATE)

[4.0.0-68.rc4]

resolves: #1314670 - Fix CVE-2015-7560

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

samba4

4.0.0-68.el6_7.rc4

samba4-client

4.0.0-68.el6_7.rc4

samba4-common

4.0.0-68.el6_7.rc4

samba4-dc

4.0.0-68.el6_7.rc4

samba4-dc-libs

4.0.0-68.el6_7.rc4

samba4-devel

4.0.0-68.el6_7.rc4

samba4-libs

4.0.0-68.el6_7.rc4

samba4-pidl

4.0.0-68.el6_7.rc4

samba4-python

4.0.0-68.el6_7.rc4

samba4-swat

4.0.0-68.el6_7.rc4

samba4-test

4.0.0-68.el6_7.rc4

samba4-winbind

4.0.0-68.el6_7.rc4

samba4-winbind-clients

4.0.0-68.el6_7.rc4

samba4-winbind-krb5-locator

4.0.0-68.el6_7.rc4

Oracle Linux i686

samba4

4.0.0-68.el6_7.rc4

samba4-client

4.0.0-68.el6_7.rc4

samba4-common

4.0.0-68.el6_7.rc4

samba4-dc

4.0.0-68.el6_7.rc4

samba4-dc-libs

4.0.0-68.el6_7.rc4

samba4-devel

4.0.0-68.el6_7.rc4

samba4-libs

4.0.0-68.el6_7.rc4

samba4-pidl

4.0.0-68.el6_7.rc4

samba4-python

4.0.0-68.el6_7.rc4

samba4-swat

4.0.0-68.el6_7.rc4

samba4-test

4.0.0-68.el6_7.rc4

samba4-winbind

4.0.0-68.el6_7.rc4

samba4-winbind-clients

4.0.0-68.el6_7.rc4

samba4-winbind-krb5-locator

4.0.0-68.el6_7.rc4

Связанные CVE

CVE-2015-7560

Ссылки на источники

Связанные уязвимости

CVE-2015-7560

CVSS3: 6.5

ubuntu

больше 9 лет назад

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.