[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2016:0611-01 -- Redhat samba

ID: oval:org.secpod.oval:def:501805Date: (C)2016-04-13   (M)2023-12-20
Class: PATCHFamily: unix




Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * Multiple flaws were found in Samba"s DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba . This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller . Note: While Samba packages as shipped in Red Hat Enterprise Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements. * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol . Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. * It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. * It was found that Samba"s LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. * It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Jouni Knuutinen as the original reporter of CVE-2015-5370; and Stefan Metzmacher as the original reporter of CVE-2016-2118, CVE-2016-2112, and CVE-2016-2115.

Platform:
Red Hat Enterprise Linux 6
Product:
samba
Reference:
RHSA-2016:0611-01
CVE-2015-5370
CVE-2016-2111
CVE-2016-2112
CVE-2016-2115
CVE-2016-2118
CVE-2016-2110
CVE    6
CVE-2016-2118
CVE-2016-2115
CVE-2016-2110
CVE-2016-2111
...
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:samba:samba

© SecPod Technologies