Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:1028-1

Опубликовано: 13 апр. 2016
Источник: suse-cvrf

Описание

Security update for samba

samba was updated to fix seven security issues.

These security issues were fixed:

  • CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862).
  • CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031).
  • CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032).
  • CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033).
  • CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
  • CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036).
  • CVE-2016-2118: 'Badlock' DCERPC impersonation of authenticated account were possible (bsc#971965).

These non-security issues were fixed:

  • bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function
  • Getting and setting Windows ACLs on symlinks can change permissions on link

Список пакетов

SUSE Linux Enterprise Server 11 SP2-LTSS
ldapsmb-1.34b-52.1
libldb1-3.6.3-52.1
libsmbclient0-3.6.3-52.1
libsmbclient0-32bit-3.6.3-52.1
libtalloc2-3.6.3-52.1
libtalloc2-32bit-3.6.3-52.1
libtdb1-3.6.3-52.1
libtdb1-32bit-3.6.3-52.1
libtevent0-3.6.3-52.1
libtevent0-32bit-3.6.3-52.1
libwbclient0-3.6.3-52.1
libwbclient0-32bit-3.6.3-52.1
samba-3.6.3-52.1
samba-32bit-3.6.3-52.1
samba-client-3.6.3-52.1
samba-client-32bit-3.6.3-52.1
samba-doc-3.6.3-52.1
samba-krb-printing-3.6.3-52.1
samba-winbind-3.6.3-52.1
samba-winbind-32bit-3.6.3-52.1

Ссылки

Описание

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки

Описание

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:ldapsmb-1.34b-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libldb1-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-3.6.3-52.1
SUSE Linux Enterprise Server 11 SP2-LTSS:libsmbclient0-32bit-3.6.3-52.1
Ссылки
Уязвимость SUSE-SU-2016:1028-1