Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:14525-1

Опубликовано: 30 окт. 2020
Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

  • CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
  • CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
ldapsmb-1.34b-94.31.1
libldb1-3.6.3-94.31.1
libsmbclient0-3.6.3-94.31.1
libtalloc2-3.6.3-94.31.1
libtdb1-3.6.3-94.31.1
libtevent0-3.6.3-94.31.1
libwbclient0-3.6.3-94.31.1
samba-3.6.3-94.31.1
samba-client-3.6.3-94.31.1
samba-doc-3.6.3-94.31.1
samba-krb-printing-3.6.3-94.31.1
samba-winbind-3.6.3-94.31.1
SUSE Linux Enterprise Server 11 SP4-LTSS
ldapsmb-1.34b-94.31.1
libldb1-3.6.3-94.31.1
libsmbclient0-3.6.3-94.31.1
libsmbclient0-32bit-3.6.3-94.31.1
libtalloc2-3.6.3-94.31.1
libtalloc2-32bit-3.6.3-94.31.1
libtdb1-3.6.3-94.31.1
libtdb1-32bit-3.6.3-94.31.1
libtevent0-3.6.3-94.31.1
libtevent0-32bit-3.6.3-94.31.1
libwbclient0-3.6.3-94.31.1
libwbclient0-32bit-3.6.3-94.31.1
samba-3.6.3-94.31.1
samba-32bit-3.6.3-94.31.1
samba-client-3.6.3-94.31.1
samba-client-32bit-3.6.3-94.31.1
samba-doc-3.6.3-94.31.1
samba-krb-printing-3.6.3-94.31.1
samba-winbind-3.6.3-94.31.1
samba-winbind-32bit-3.6.3-94.31.1

Ссылки

Описание

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:ldapsmb-1.34b-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldb1-3.6.3-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libsmbclient0-3.6.3-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libtalloc2-3.6.3-94.31.1
Ссылки

Описание

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:ldapsmb-1.34b-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldb1-3.6.3-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libsmbclient0-3.6.3-94.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:libtalloc2-3.6.3-94.31.1
Ссылки