drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Samba
Name: |
Denial of Service in Samba |
|
ID: |
USN-3348-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 16.10, Ubuntu 17.04 |
|
Datum: |
Mi, 5. Juli 2017, 22:46 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9461 |
|
Applikationen: |
Samba |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============2838998243927907149== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="JMAvoAvAiAsMprLHkiUP6bvR3O8V8Sxd3"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JMAvoAvAiAsMprLHkiUP6bvR3O8V8Sxd3 Content-Type: multipart/mixed; boundary="55sLnC77UstTb98STiX7buGkgcvekQvqi"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <a693306a-fa31-43ac-fe9c-a0219aee0835@canonical.com> Subject: [USN-3348-1] Samba vulnerability
--55sLnC77UstTb98STiX7buGkgcvekQvqi Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3348-1 July 05, 2017
samba vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Samba could be made to hang if it received specially crafted network traffic.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
It was discovered that Samba incorrectly handled dangling symlinks. A remote attacker could possibly use this issue to cause Samba to hang, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-9461)
In addition, this update fixes a regression introduced by USN-3267-1 that caused Samba to incorrectly handle non-wide symlinks to directories.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: samba 2:4.5.8+dfsg-0ubuntu0.17.04.3
Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.7
Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.8
Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.9
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3348-1 CVE-2017-9461
Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.5.8+dfsg-0ubuntu0.17.04.3 https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu5.7 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.8 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.9
--55sLnC77UstTb98STiX7buGkgcvekQvqi--
--JMAvoAvAiAsMprLHkiUP6bvR3O8V8Sxd3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJZXTfQAAoJEGVp2FWnRL6TS2oP/0ELUpvecPjVI9RpmIoVWe4w +FTAn9fzhaqvSVzd/DlpZYCRDC8DgbAAt6nwuNWpXMUYUJd7vKocAFFrJOK2zv01 /S6ENqBJsE6h1C2/AQcd5h7na3qjM4vDIrO0rT6/Hn9Wupk6wO+19K33qMgy9a+A u7B/lES3oJBh1QCax9pMDUIULlsQlWNmcCnsAs2CF1uWCNWh6n2pFdJp0a+uyPxh gXPfdDMIGXU7XqoUFuOPcyIr4QZl8G1UAC8sKWQBe9cg2MJEocCbsYUw44k+ltZ2 72I/2TFOmi+lMnFC37p33Xrapv7JomcQXjcxQR0tdDYZPoDa2oVFU7QUEv0fSdxN pqc+JotwoT8RhdvcrioL5T5eyguU4CBfEkHvArL7k/lHCAPbIlrJ9YoajkzahGKT 4ji1qwsqdm2F3UDDXSMP9K6EH0RidwUGZUb/nsdBfaGkOvLX1/5uACQJiZs7T743 3UJ5vt389r+bo63ruGhnmKC1/p5C4whG1szj93A5qgVhkwX9Ub1j3T3u5hf52bWd cvUz3eS8cs/6FLnR+D+o7HdlrOnlRVwwvEoyxORnjNQDHAZ7SQAA3LhFTmHLQLU3 KbFHCQxVLIpVDMyZ2SLYFVqfa9+i673orTtkE6I18aqjkak1McZOpkHc/Wt1U3Os Je/fETHliAz9+0996QU1 =yQ7w -----END PGP SIGNATURE-----
--JMAvoAvAiAsMprLHkiUP6bvR3O8V8Sxd3--
--===============2838998243927907149== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============2838998243927907149==--
|
|
|
|