Gentoo Linux Security Advisory 201805-7 - Multiple vulnerabilities have been found in Samba, the worst of which may allow remote execution of arbitrary code. Versions less than 4.5.16 are affected.
75d9dc5f4726c1960e8dac452254838989ffb7cf7b89fa278040830e69875411Ubuntu Security Notice 3092-1 - Stefan Metzmacher discovered that Samba incorrectly handled certain flags in SMB2/3 client connections. A remote attacker could use this issue to disable client signing and impersonate servers by performing a man in the middle attack. Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. In addition to the security fix, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
4edf165016c2460e921c064dc440ed429814ccfc70919740ee86f63fba19fc88Red Hat Security Advisory 2016-1487-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
5e149d7d0af0e12329b4e2d54c27f621fef270d560e4bea0d0871820b9af36c1Red Hat Security Advisory 2016-1486-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
e4d411131b152ada7bd72521ea7818502f22e7501a4ad8fa7818025ec57a02bdRed Hat Security Advisory 2016-1494-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
ae73f277b2b57b9d044f50b51c1a5f666f6be797d89161738790ac2e2a367b22Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
a4a3a70ca1a42d644725180603d6190f620e2f0a99df1f407422a09ba95ae5b8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed