Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in Samba
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in Samba
ID: MDVSA-2015:081
Distribution: Mandriva
Plattformen: Mandriva Business Server 1.0
Datum: Sa, 28. März 2015, 11:00
Referenzen: http://advisories.mageia.org/MGASA-2015-0084.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240

Originalnachricht

This is a multi-part message in MIME format...

------------=_1427530171-3111-3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:081
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : samba
Date : March 28, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated samba packages fix security vulnerabilities:

An uninitialized pointer use flaw was found in the Samba daemon
(smbd). A malicious Samba client could send specially crafted netlogon
packets that, when processed by smbd, could potentially lead to
arbitrary code execution with the privileges of the user running smbd
(by default, the root user) (CVE-2015-0240).
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240
http://advisories.mageia.org/MGASA-2015-0084.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
4ac8f8f9652ad4ca155e19153c6899c8
mbs1/x86_64/lib64netapi0-3.6.25-1.mbs1.x86_64.rpm
70811f103aaf352706212264cd1bdd07
mbs1/x86_64/lib64netapi-devel-3.6.25-1.mbs1.x86_64.rpm
124038bf590e4b24d44032ff319877cb
mbs1/x86_64/lib64smbclient0-3.6.25-1.mbs1.x86_64.rpm
8654538cb5fe0ec9f4e1f843b48bfe3e
mbs1/x86_64/lib64smbclient0-devel-3.6.25-1.mbs1.x86_64.rpm
0a0b66090334e58925651eaf5a93db4b
mbs1/x86_64/lib64smbclient0-static-devel-3.6.25-1.mbs1.x86_64.rpm
af20d1ba0b94c53e49dcd62e9dc2862b
mbs1/x86_64/lib64smbsharemodes0-3.6.25-1.mbs1.x86_64.rpm
5e52b9faf84405b9082073077e573b2c
mbs1/x86_64/lib64smbsharemodes-devel-3.6.25-1.mbs1.x86_64.rpm
46a0608a84712e469dd32918391e8c3d
mbs1/x86_64/lib64wbclient0-3.6.25-1.mbs1.x86_64.rpm
b9244f130c1bdfc160d3d720088e38ba
mbs1/x86_64/lib64wbclient-devel-3.6.25-1.mbs1.x86_64.rpm
c715497f62eeeafa889ff7471c79bdfc
mbs1/x86_64/nss_wins-3.6.25-1.mbs1.x86_64.rpm
d22d02173ec97c95eb7328024b9e82ee
mbs1/x86_64/samba-client-3.6.25-1.mbs1.x86_64.rpm
00bd57d9b85d09366628b1f46505bd85
mbs1/x86_64/samba-common-3.6.25-1.mbs1.x86_64.rpm
9d4637b0de9d912bcd5506fed360d0a2
mbs1/x86_64/samba-doc-3.6.25-1.mbs1.noarch.rpm
7d7f6be0de70100422674ae8cf5172a5
mbs1/x86_64/samba-domainjoin-gui-3.6.25-1.mbs1.x86_64.rpm
55ea454169eb18e357a656872b9b6254
mbs1/x86_64/samba-server-3.6.25-1.mbs1.x86_64.rpm
8ee941751deb9362569b7d6396747408
mbs1/x86_64/samba-swat-3.6.25-1.mbs1.x86_64.rpm
05f58113d2b78614278ee9698d297e49
mbs1/x86_64/samba-virusfilter-clamav-3.6.25-1.mbs1.x86_64.rpm
c8ed9bb7d1636d82ca1aad0100d058a4
mbs1/x86_64/samba-virusfilter-fsecure-3.6.25-1.mbs1.x86_64.rpm
658617b2a62a7aba97bba8a0b81e2962
mbs1/x86_64/samba-virusfilter-sophos-3.6.25-1.mbs1.x86_64.rpm
c8071cdc97727ad4749c522f8eb7e1ba
mbs1/x86_64/samba-winbind-3.6.25-1.mbs1.x86_64.rpm
ee22c6311d482ec4a8358d2d4a2a48e0 mbs1/SRPMS/samba-3.6.25-1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVFlNBmqjQ0CJFipgRAne5AJ4l/PaNKpbcDYC6cDmOgUTaiaedoACgm+Bk
2v2AIePJXBUsvmVJ9qs7z0M=
=ZeNI
-----END PGP SIGNATURE-----


------------=_1427530171-3111-3
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1427530171-3111-3--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung