Description
Security update for samba
This update for samba provides the following fixes:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441)
- CVE-2016-2126: Prevent denial of service due to a client triggered crash in the winbindd parent process. (bsc#1014442)
Non-security issues fixed:
- Allow SESSION KEY setup without signing. (bsc#1009711)
- Fix crash bug in tevent_queue_immediate_trigger(). (bsc#1003731)
- Don't fail when using default domain with user@domain.com format. (bsc#997833)
- Prevent core, make sure response->extra_data.data is always cleared out. (bsc#993692)
- Honor smb.conf socket options in winbind. (bsc#975131)
- Fix crash with net rpc join. (bsc#978898)
- Fix a regression verifying the security trailer. (bsc#978898)
- Fix updating netlogon credentials. (bsc#978898)
Package list
SUSE Linux Enterprise Server 11 SP2-LTSS
References
- Link for SUSE-SU-2016:3300-1
- E-Mail link for SUSE-SU-2016:3300-1
- SUSE Security Ratings
- SUSE Bug 1003731
- SUSE Bug 1009711
- SUSE Bug 1014441
- SUSE Bug 1014442
- SUSE Bug 975131
- SUSE Bug 978898
- SUSE Bug 993692
- SUSE Bug 997833
- SUSE CVE CVE-2016-2125 page
- SUSE CVE CVE-2016-2126 page
Description
It was found that Samba versions before 4.5.3, 4.4.8 and 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
Affected products
References
- CVE-2016-2125
- SUSE Bug 1014441
Description
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.
Affected products
References
- CVE-2016-2126
- SUSE Bug 1014442