SUSE-SU-2016:3271-1

Published: 27 Dec 2016
Source: suse-cvrf

Description

Security update for samba

This update for samba fixes the following issues:

Security issues fixed:

  • CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441).
  • CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. (bsc#1014442).
  • CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution Vulnerability. (bsc#1014437). This component is not built into our packages, so we are not affected.

Non-security issues fixed:

  • s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port; (bsc#1009085)

Package list

SUSE Linux Enterprise Desktop 12 SP2
libdcerpc-binding0-4.4.2-31.1
libdcerpc-binding0-32bit-4.4.2-31.1
libdcerpc0-4.4.2-31.1
libdcerpc0-32bit-4.4.2-31.1
libndr-krb5pac0-4.4.2-31.1
libndr-krb5pac0-32bit-4.4.2-31.1
libndr-nbt0-4.4.2-31.1
libndr-nbt0-32bit-4.4.2-31.1
libndr-standard0-4.4.2-31.1
libndr-standard0-32bit-4.4.2-31.1
libndr0-4.4.2-31.1
libndr0-32bit-4.4.2-31.1
libnetapi0-4.4.2-31.1
libnetapi0-32bit-4.4.2-31.1
libsamba-credentials0-4.4.2-31.1
libsamba-credentials0-32bit-4.4.2-31.1
libsamba-errors0-4.4.2-31.1
libsamba-errors0-32bit-4.4.2-31.1
libsamba-hostconfig0-4.4.2-31.1
libsamba-hostconfig0-32bit-4.4.2-31.1
libsamba-passdb0-4.4.2-31.1
libsamba-passdb0-32bit-4.4.2-31.1
libsamba-util0-4.4.2-31.1
libsamba-util0-32bit-4.4.2-31.1
libsamdb0-4.4.2-31.1
libsamdb0-32bit-4.4.2-31.1
libsmbclient0-4.4.2-31.1
libsmbclient0-32bit-4.4.2-31.1
libsmbconf0-4.4.2-31.1
libsmbconf0-32bit-4.4.2-31.1
libsmbldap0-4.4.2-31.1
libsmbldap0-32bit-4.4.2-31.1
libtevent-util0-4.4.2-31.1
libtevent-util0-32bit-4.4.2-31.1
libwbclient0-4.4.2-31.1
libwbclient0-32bit-4.4.2-31.1
samba-4.4.2-31.1
samba-client-4.4.2-31.1
samba-client-32bit-4.4.2-31.1
samba-doc-4.4.2-31.1
samba-libs-4.4.2-31.1
samba-libs-32bit-4.4.2-31.1
samba-winbind-4.4.2-31.1
samba-winbind-32bit-4.4.2-31.1
SUSE Linux Enterprise High Availability Extension 12 SP2
ctdb-4.4.2-31.1
SUSE Linux Enterprise Server 12 SP2
libdcerpc-binding0-4.4.2-31.1
libdcerpc-binding0-32bit-4.4.2-31.1
libdcerpc0-4.4.2-31.1
libdcerpc0-32bit-4.4.2-31.1
libndr-krb5pac0-4.4.2-31.1
libndr-krb5pac0-32bit-4.4.2-31.1
libndr-nbt0-4.4.2-31.1
libndr-nbt0-32bit-4.4.2-31.1
libndr-standard0-4.4.2-31.1
libndr-standard0-32bit-4.4.2-31.1
libndr0-4.4.2-31.1
libndr0-32bit-4.4.2-31.1
libnetapi0-4.4.2-31.1
libnetapi0-32bit-4.4.2-31.1
libsamba-credentials0-4.4.2-31.1
libsamba-credentials0-32bit-4.4.2-31.1
libsamba-errors0-4.4.2-31.1
libsamba-errors0-32bit-4.4.2-31.1
libsamba-hostconfig0-4.4.2-31.1
libsamba-hostconfig0-32bit-4.4.2-31.1
libsamba-passdb0-4.4.2-31.1
libsamba-passdb0-32bit-4.4.2-31.1
libsamba-util0-4.4.2-31.1
libsamba-util0-32bit-4.4.2-31.1
libsamdb0-4.4.2-31.1
libsamdb0-32bit-4.4.2-31.1
libsmbclient0-4.4.2-31.1
libsmbclient0-32bit-4.4.2-31.1
libsmbconf0-4.4.2-31.1
libsmbconf0-32bit-4.4.2-31.1
libsmbldap0-4.4.2-31.1
libsmbldap0-32bit-4.4.2-31.1
libtevent-util0-4.4.2-31.1
libtevent-util0-32bit-4.4.2-31.1
libwbclient0-4.4.2-31.1
libwbclient0-32bit-4.4.2-31.1
samba-4.4.2-31.1
samba-client-4.4.2-31.1
samba-client-32bit-4.4.2-31.1
samba-doc-4.4.2-31.1
samba-libs-4.4.2-31.1
samba-libs-32bit-4.4.2-31.1
samba-winbind-4.4.2-31.1
samba-winbind-32bit-4.4.2-31.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libdcerpc-binding0-4.4.2-31.1
libdcerpc0-4.4.2-31.1
libndr-krb5pac0-4.4.2-31.1
libndr-nbt0-4.4.2-31.1
libndr-standard0-4.4.2-31.1
libndr0-4.4.2-31.1
libnetapi0-4.4.2-31.1
libsamba-credentials0-4.4.2-31.1
libsamba-errors0-4.4.2-31.1
libsamba-hostconfig0-4.4.2-31.1
libsamba-passdb0-4.4.2-31.1
libsamba-util0-4.4.2-31.1
libsamdb0-4.4.2-31.1
libsmbclient0-4.4.2-31.1
libsmbconf0-4.4.2-31.1
libsmbldap0-4.4.2-31.1
libtevent-util0-4.4.2-31.1
libwbclient0-4.4.2-31.1
samba-4.4.2-31.1
samba-client-4.4.2-31.1
samba-doc-4.4.2-31.1
samba-libs-4.4.2-31.1
samba-winbind-4.4.2-31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libdcerpc-binding0-4.4.2-31.1
libdcerpc-binding0-32bit-4.4.2-31.1
libdcerpc0-4.4.2-31.1
libdcerpc0-32bit-4.4.2-31.1
libndr-krb5pac0-4.4.2-31.1
libndr-krb5pac0-32bit-4.4.2-31.1
libndr-nbt0-4.4.2-31.1
libndr-nbt0-32bit-4.4.2-31.1
libndr-standard0-4.4.2-31.1
libndr-standard0-32bit-4.4.2-31.1
libndr0-4.4.2-31.1
libndr0-32bit-4.4.2-31.1
libnetapi0-4.4.2-31.1
libnetapi0-32bit-4.4.2-31.1
libsamba-credentials0-4.4.2-31.1
libsamba-credentials0-32bit-4.4.2-31.1
libsamba-errors0-4.4.2-31.1
libsamba-errors0-32bit-4.4.2-31.1
libsamba-hostconfig0-4.4.2-31.1
libsamba-hostconfig0-32bit-4.4.2-31.1
libsamba-passdb0-4.4.2-31.1
libsamba-passdb0-32bit-4.4.2-31.1
libsamba-util0-4.4.2-31.1
libsamba-util0-32bit-4.4.2-31.1
libsamdb0-4.4.2-31.1
libsamdb0-32bit-4.4.2-31.1
libsmbclient0-4.4.2-31.1
libsmbclient0-32bit-4.4.2-31.1
libsmbconf0-4.4.2-31.1
libsmbconf0-32bit-4.4.2-31.1
libsmbldap0-4.4.2-31.1
libsmbldap0-32bit-4.4.2-31.1
libtevent-util0-4.4.2-31.1
libtevent-util0-32bit-4.4.2-31.1
libwbclient0-4.4.2-31.1
libwbclient0-32bit-4.4.2-31.1
samba-4.4.2-31.1
samba-client-4.4.2-31.1
samba-client-32bit-4.4.2-31.1
samba-doc-4.4.2-31.1
samba-libs-4.4.2-31.1
samba-libs-32bit-4.4.2-31.1
samba-winbind-4.4.2-31.1
samba-winbind-32bit-4.4.2-31.1
SUSE Linux Enterprise Software Development Kit 12 SP2
libsmbclient-devel-4.4.2-31.1
libwbclient-devel-4.4.2-31.1

Description

A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.


Affected products
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-31.1

Description

It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.


Affected products
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-31.1

Description

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.


Affected products
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-31.1
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-31.1
