Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:3143-1

Опубликовано: 29 нояб. 2017
Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

Security issues fixed:

  • CVE-2017-14746: Use-after-free vulnerability (bsc#1060427).
  • CVE-2017-15275: Server heap memory information leak (bsc#1063008).
  • CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file (bsc#1058624).
  • CVE-2017-12151: Keep required encryption across SMB3 dfs redirects (bsc#1058565).
  • CVE-2017-12150: Some code path don't enforce smb signing when they should (bsc#1058565).

Bug fixes:

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Список пакетов

openSUSE Leap 42.3
ctdb-4.6.9+git.59.c2cff9cea4c-9.1
ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-devel-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-samr-devel-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-samr0-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc-samr0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc0-4.6.9+git.59.c2cff9cea4c-9.1
libdcerpc0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libndr-devel-4.6.9+git.59.c2cff9cea4c-9.1
libndr-krb5pac-devel-4.6.9+git.59.c2cff9cea4c-9.1
libndr-krb5pac0-4.6.9+git.59.c2cff9cea4c-9.1
libndr-krb5pac0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libndr-nbt-devel-4.6.9+git.59.c2cff9cea4c-9.1
libndr-nbt0-4.6.9+git.59.c2cff9cea4c-9.1
libndr-nbt0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libndr-standard-devel-4.6.9+git.59.c2cff9cea4c-9.1
libndr-standard0-4.6.9+git.59.c2cff9cea4c-9.1
libndr-standard0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libndr0-4.6.9+git.59.c2cff9cea4c-9.1
libndr0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libnetapi-devel-4.6.9+git.59.c2cff9cea4c-9.1
libnetapi0-4.6.9+git.59.c2cff9cea4c-9.1
libnetapi0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-credentials-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-credentials0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-credentials0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-errors-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-errors0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-errors0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-hostconfig-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-hostconfig0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-hostconfig0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-passdb-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-passdb0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-passdb0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-policy-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-policy0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-policy0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-util-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-util0-4.6.9+git.59.c2cff9cea4c-9.1
libsamba-util0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsamdb-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsamdb0-4.6.9+git.59.c2cff9cea4c-9.1
libsamdb0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsmbclient-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsmbclient0-4.6.9+git.59.c2cff9cea4c-9.1
libsmbclient0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsmbconf-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsmbconf0-4.6.9+git.59.c2cff9cea4c-9.1
libsmbconf0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libsmbldap-devel-4.6.9+git.59.c2cff9cea4c-9.1
libsmbldap0-4.6.9+git.59.c2cff9cea4c-9.1
libsmbldap0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libtevent-util-devel-4.6.9+git.59.c2cff9cea4c-9.1
libtevent-util0-4.6.9+git.59.c2cff9cea4c-9.1
libtevent-util0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
libwbclient-devel-4.6.9+git.59.c2cff9cea4c-9.1
libwbclient0-4.6.9+git.59.c2cff9cea4c-9.1
libwbclient0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
samba-4.6.9+git.59.c2cff9cea4c-9.1
samba-ceph-4.6.9+git.59.c2cff9cea4c-9.1
samba-client-4.6.9+git.59.c2cff9cea4c-9.1
samba-client-32bit-4.6.9+git.59.c2cff9cea4c-9.1
samba-core-devel-4.6.9+git.59.c2cff9cea4c-9.1
samba-doc-4.6.9+git.59.c2cff9cea4c-9.1
samba-libs-4.6.9+git.59.c2cff9cea4c-9.1
samba-libs-32bit-4.6.9+git.59.c2cff9cea4c-9.1
samba-pidl-4.6.9+git.59.c2cff9cea4c-9.1
samba-python-4.6.9+git.59.c2cff9cea4c-9.1
samba-test-4.6.9+git.59.c2cff9cea4c-9.1
samba-winbind-4.6.9+git.59.c2cff9cea4c-9.1
samba-winbind-32bit-4.6.9+git.59.c2cff9cea4c-9.1

Ссылки

Описание

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

Затронутые продукты
openSUSE Leap 42.3:ctdb-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
Ссылки

Описание

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.

Затронутые продукты
openSUSE Leap 42.3:ctdb-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
Ссылки

Описание

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

Затронутые продукты
openSUSE Leap 42.3:ctdb-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
Ссылки

Описание

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

Затронутые продукты
openSUSE Leap 42.3:ctdb-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
Ссылки

Описание

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

Затронутые продукты
openSUSE Leap 42.3:ctdb-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:ctdb-tests-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.9+git.59.c2cff9cea4c-9.1
openSUSE Leap 42.3:libdcerpc-binding0-4.6.9+git.59.c2cff9cea4c-9.1
Ссылки
Уязвимость openSUSE-SU-2017:3143-1