Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:2400-1

Опубликовано: 17 авг. 2018
Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

The following security vulnerabilities were fixed:

  • CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)
  • CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)
  • CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)
  • CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)
  • CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0
ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc-samr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libdcerpc0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-krb5pac0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-nbt0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-nbt0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-standard0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr-standard0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libndr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libnetapi-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libnetapi0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libnetapi0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-credentials0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-errors0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-errors0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-hostconfig0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-passdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-policy0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-policy0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamba-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsamdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbconf0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbconf0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbldap2-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libsmbldap2-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libtevent-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libtevent-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libwbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libwbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
libwbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-ceph-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-client-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-client-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-core-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-doc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-dsdb-modules-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-kdc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-kdc-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-libs-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-libs-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-pidl-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-python-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-test-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-winbind-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
samba-winbind-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1

Ссылки

Описание

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты
openSUSE Leap 15.0:ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
Ссылки

Описание

A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты
openSUSE Leap 15.0:ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
Ссылки

Описание

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты
openSUSE Leap 15.0:ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
Ссылки

Описание

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.

Затронутые продукты
openSUSE Leap 15.0:ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
Ссылки

Описание

A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable

Затронутые продукты
openSUSE Leap 15.0:ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
openSUSE Leap 15.0:libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1
Ссылки
Уязвимость openSUSE-SU-2018:2400-1