Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:1415-1

Опубликовано: 26 мая 2017
Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issue:

  • An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231]

This update was imported from SUSE:SLE-12-SP1:Update project.

NOTE: This update is released in openSUSE Leap 42.1 after its official End Of Life only because of its severity and potential impact for users that have not migrated yet.

Please upgrade your openSUSE Leap 42.1 as soon as possible.

Список пакетов

openSUSE Leap 42.1
ctdb-4.2.4-33.1
ctdb-devel-4.2.4-33.1
ctdb-tests-4.2.4-33.1
libdcerpc-atsvc-devel-4.2.4-33.1
libdcerpc-atsvc0-4.2.4-33.1
libdcerpc-atsvc0-32bit-4.2.4-33.1
libdcerpc-binding0-4.2.4-33.1
libdcerpc-binding0-32bit-4.2.4-33.1
libdcerpc-devel-4.2.4-33.1
libdcerpc-samr-devel-4.2.4-33.1
libdcerpc-samr0-4.2.4-33.1
libdcerpc-samr0-32bit-4.2.4-33.1
libdcerpc0-4.2.4-33.1
libdcerpc0-32bit-4.2.4-33.1
libgensec-devel-4.2.4-33.1
libgensec0-4.2.4-33.1
libgensec0-32bit-4.2.4-33.1
libndr-devel-4.2.4-33.1
libndr-krb5pac-devel-4.2.4-33.1
libndr-krb5pac0-4.2.4-33.1
libndr-krb5pac0-32bit-4.2.4-33.1
libndr-nbt-devel-4.2.4-33.1
libndr-nbt0-4.2.4-33.1
libndr-nbt0-32bit-4.2.4-33.1
libndr-standard-devel-4.2.4-33.1
libndr-standard0-4.2.4-33.1
libndr-standard0-32bit-4.2.4-33.1
libndr0-4.2.4-33.1
libndr0-32bit-4.2.4-33.1
libnetapi-devel-4.2.4-33.1
libnetapi0-4.2.4-33.1
libnetapi0-32bit-4.2.4-33.1
libregistry-devel-4.2.4-33.1
libregistry0-4.2.4-33.1
libregistry0-32bit-4.2.4-33.1
libsamba-credentials-devel-4.2.4-33.1
libsamba-credentials0-4.2.4-33.1
libsamba-credentials0-32bit-4.2.4-33.1
libsamba-hostconfig-devel-4.2.4-33.1
libsamba-hostconfig0-4.2.4-33.1
libsamba-hostconfig0-32bit-4.2.4-33.1
libsamba-passdb-devel-4.2.4-33.1
libsamba-passdb0-4.2.4-33.1
libsamba-passdb0-32bit-4.2.4-33.1
libsamba-policy-devel-4.2.4-33.1
libsamba-policy0-4.2.4-33.1
libsamba-policy0-32bit-4.2.4-33.1
libsamba-util-devel-4.2.4-33.1
libsamba-util0-4.2.4-33.1
libsamba-util0-32bit-4.2.4-33.1
libsamdb-devel-4.2.4-33.1
libsamdb0-4.2.4-33.1
libsamdb0-32bit-4.2.4-33.1
libsmbclient-devel-4.2.4-33.1
libsmbclient-raw-devel-4.2.4-33.1
libsmbclient-raw0-4.2.4-33.1
libsmbclient-raw0-32bit-4.2.4-33.1
libsmbclient0-4.2.4-33.1
libsmbclient0-32bit-4.2.4-33.1
libsmbconf-devel-4.2.4-33.1
libsmbconf0-4.2.4-33.1
libsmbconf0-32bit-4.2.4-33.1
libsmbldap-devel-4.2.4-33.1
libsmbldap0-4.2.4-33.1
libsmbldap0-32bit-4.2.4-33.1
libtevent-util-devel-4.2.4-33.1
libtevent-util0-4.2.4-33.1
libtevent-util0-32bit-4.2.4-33.1
libwbclient-devel-4.2.4-33.1
libwbclient0-4.2.4-33.1
libwbclient0-32bit-4.2.4-33.1
samba-4.2.4-33.1
samba-32bit-4.2.4-33.1
samba-client-4.2.4-33.1
samba-client-32bit-4.2.4-33.1
samba-core-devel-4.2.4-33.1
samba-doc-4.2.4-33.1
samba-libs-4.2.4-33.1
samba-libs-32bit-4.2.4-33.1
samba-pidl-4.2.4-33.1
samba-python-4.2.4-33.1
samba-test-4.2.4-33.1
samba-test-devel-4.2.4-33.1
samba-winbind-4.2.4-33.1
samba-winbind-32bit-4.2.4-33.1

Ссылки

Описание

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

Затронутые продукты
openSUSE Leap 42.1:ctdb-4.2.4-33.1
openSUSE Leap 42.1:ctdb-devel-4.2.4-33.1
openSUSE Leap 42.1:ctdb-tests-4.2.4-33.1
openSUSE Leap 42.1:libdcerpc-atsvc-devel-4.2.4-33.1
Ссылки