Gentoo Linux Security Advisory 201612-47 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 4.2.11 are affected.
a90feb7fa58b657e989e89a4f6c40472eeed2dc783afe5dad3b3e0c77040f948Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.
a5115fbeb6574c22cf7909ecfb3b0b6ae9b4be9907873ac8ac4827c6e8dc2822Ubuntu Security Notice 2950-4 - USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". Various other issues were also addressed.
f4fd0e1458d4dd5d78caeb773aa4e0931c482552cdafe454a555c5a3054c7479Ubuntu Security Notice 2950-3 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. This advisory was inadvertently published as USN-2950-2 originally. Various other issues were also addressed.
9964099b1f206087f80df7cd7fa0e5270996486fe34e8197537e2d4ab769d4abUbuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. Various other issues were also addressed.
c93cbed83234be923370d6ba5d82693b733041d4363045f33e415c791441bba2Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Various other issues were also addressed.
d00c71363fd9011b1911761bd598b570e7edef600cd48c0634d3cf0850df7357Ubuntu Security Notice 2950-1 - Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Various other issues were also addressed.
7e7ea9fcd4b1fd06b83c16d90cf9d03bcaa1f0afa52f3c19687b2dd2577594b2Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
2e1f520115dc0ce156ad8eafcb817bb0a5e79dc89363864cf265e0979131fc8aDebian Linux Security Advisory 3548-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
7a6a72fc4b7668bd8cbc57c97d60464eeffdb556c75c1914e8530a1e6d416eb8Red Hat Security Advisory 2016-0612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
ffbf714b0edd288eeaf89811100e15d4b6b63a95aa4b7b155086d46d5b7e484aRed Hat Security Advisory 2016-0618-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
2ef3378782b2bc3031aa0f55cbc9dc7d137916e7c132e676b32ed6eddb2e01c8Red Hat Security Advisory 2016-0614-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
28b70dba8ec3f6d0feaab4a731c2c94f34f0c5f334aa07d08384ce1e210bdf87Red Hat Security Advisory 2016-0620-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The following packages have been upgraded to a newer upstream version: Samba.
5f6d3d79919da700baf4893a8263b2e74e4c710da66d005f53851d9b19cbfadc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed