drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Samba
Name: |
Zwei Probleme in Samba |
|
ID: |
USN-3595-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.10 |
|
Datum: |
Di, 13. März 2018, 16:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050 |
|
Applikationen: |
Samba |
|
Originalnachricht |
--===============6301678131164810168== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="82I3+IH0IqGh5yIs" Content-Disposition: inline
--82I3+IH0IqGh5yIs Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3595-1 March 13, 2018
samba vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. (CVE-2018-1057)
It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. (CVE-2018-1050)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: samba 2:4.6.7+dfsg-1ubuntu3.2 samba-dsdb-modules 2:4.6.7+dfsg-1ubuntu3.2
Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.13 samba-dsdb-modules 2:4.3.11+dfsg-0ubuntu0.16.04.13
Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.14 samba-dsdb-modules 2:4.3.11+dfsg-0ubuntu0.14.04.14
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3595-1 CVE-2018-1050, CVE-2018-1057
Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.6.7+dfsg-1ubuntu3.2 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.13 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.14
--82I3+IH0IqGh5yIs Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJap+RhAAoJENaSAD2qAscKQ1gQAJLz76kj9v/EugfUeKpQTRSX ngqoe8oIfX9kBkcqkKlj3w2hyfyFmeeFpUwziy98EPezrQsQTdhcHq0nNFzpF6Za 5g8EvO7cySTctHKW1nNc1L/gmW9nFjrL5M6YSTjOaxj2nnkN962MlCULLcLkQm8R qzK4XOSLyPM01w+pkf8UC+sodpK6a9jc3cq02G/muufYTuI666N2eYrOOOMclYK1 YReaimkw1iPHSXVV7xj9b+oKpcXBaX7TUzEJWBCNlXeS8I6UIa+CXvLCxWDMJstw pK8WfERpoOJFVjjRlrowuoE5Jvc3xWaXFfAbfjzXSTkNUF+7NXrQxuWCALAinCmT LIPbNlXyPMYqDEFFaSMILxatF5jLYQZ3ihBbPDdwUIt0UzhPLOGjNc52jY6U5hge zfPA9u9WHX0+kPsl7T1a1wFdKzWKKWGorRQTUzq5n0gcoB0GgaM58f35wG84qa92 11LfuL57EJNeDeCwJDR7J+svvU0qtJmPBCs9j7tUlTkfdl4Jh8O8FfeUzCDs4e6I B8A2YOhP4lVRADKQGygxZdBnKwSRXC4TpDepSVid9wpthaTNEl5w8v6fejNJ6MCZ isxi25f6f+RKWdYGdwtEXAVXYaPCI25KHLpoZfKBEfYVhPIC9tw+Xo56ZIhQaS8E OkF3u12K8UpmCDhUGtod =Pvbq -----END PGP SIGNATURE-----
--82I3+IH0IqGh5yIs--
--===============6301678131164810168== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============6301678131164810168==--
|
|
|
|