Denial of Service in Samba (Aktualisierung)
ID: | USN-3595-2 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 12.04 ESM |
Datum: | Fr, 23. März 2018, 19:20 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050 |
Applikationen: | Samba |
Update von: | Zwei Probleme in Samba |
Originalnachricht |
|
--===============3506553905098495209== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-BbXT1f6kDF08AuqoTW12" --=-BbXT1f6kDF08AuqoTW12 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-3595-2 March 23, 2018 samba vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Samba could be made to crash if it received specially crafted input. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: USN-3595-1 fix a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: samba 2:3.6.25-0ubuntu0.12.04.15 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3595-2 https://usn.ubuntu.com/usn/usn-3595-1 CVE-2018-1050 --=-BbXT1f6kDF08AuqoTW12 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJatUDLAAoJEEW851uECx9pF8QP/1+yirOI0OPy6UFqu/EUpU90 8Iu9rF78mY9JbYKQCoPhCC2afSfb5RZph9pg052nGWLj9gRDGldbqusPNvvOE3w2 Jgp0R/Q5NWXx1edNdfuAwJbWOM96k6AoQJ0yKzyiX+iOqJBmzmRL1Na6O1a4qj6v wy2NTTTTA1LJNLGloaahMH4a6dXv28ItNOwATS/ZemZPOlWrkP0dUdTi3dvKMesy 4+YNYCjMYIVTYwPElFZgvo9kacqs64GFWQWhACJ+OGkAKQ4pSRpL1xvE9/davoJa GL1unUgT6n3dHMF7jy5qxdr0luCJ+4Y8016aRWoOEGrCHmpOQXHjVDCWiHQI0T/o fe4AzRPBpI6LFe7mctPLxkwWx8GPb0LTlb6OqrYfsdLb/7IYM/VBCccTDmMMVrUO ajewmK6HpCC3lrmyiVxRr7FWdnkNjMUj+ZSQn4/1hYRsh6fpxSYToS3SU+22nLqC rmWuGVX50uorpwS9z1lAeVkmPBjF1BIg+bOlI6cLoRqFx33brKTWhrd8k7C0KTcg 3IwqipS4A0ro1W7iF721K5kWIUSHw9gh0Ux4zUI9VSycaS4QmiSPjKMiz/bfPHZb 0RO3k2xTuMrmXKlbEEV4/FJlqkF8b6SlX7s3B9wqGvviN+FLPjAOy5iL0EPwwoKy Q33L8tOQhBI0zTo2g0fu =nKVX -----END PGP SIGNATURE----- --=-BbXT1f6kDF08AuqoTW12-- --===============3506553905098495209== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK --===============3506553905098495209==-- |