Login
Newsletter
Werbung
Sicherheit: Zwei Probleme in Samba
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in Samba
ID: MDVSA-2013:011
Distribution: Mandriva
Plattformen: Mandriva Enterprise Server 5.0, Mandriva 2011
Datum: Mi, 13. Februar 2013, 15:33
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214
Applikationen: Samba

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1360764378-3376-343

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:011
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : samba
 Date    : February 13, 2013
 Affected: 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in samba (swat):
 
 The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21,
 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to
 conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element
 (CVE-2013-0213).
 
 Cross-site request forgery (CSRF) vulnerability in the Samba Web
 Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before
 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the
 authentication of arbitrary users by leveraging knowledge of a password
 and composing requests that perform SWAT actions (CVE-2013-0214).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2011:
 6db013b5a435ada0bd8cbf75aad579c9 
 2011/i586/libnetapi0-3.5.10-1.4-mdv2011.0.i586.rpm
 c15352a46ae6cf6ebfdeb32c40cc0c28 
 2011/i586/libnetapi-devel-3.5.10-1.4-mdv2011.0.i586.rpm
 fd084b90daafdb3c5a3d8e11c9a6f48e 
 2011/i586/libsmbclient0-3.5.10-1.4-mdv2011.0.i586.rpm
 ac5b8663b8134130ed5b0e0c3317a6d0 
 2011/i586/libsmbclient0-devel-3.5.10-1.4-mdv2011.0.i586.rpm
 5218f98832a6e3d5539d9291d4bcb9c6 
 2011/i586/libsmbclient0-static-devel-3.5.10-1.4-mdv2011.0.i586.rpm
 ca5ec5303c853b60690bc55b8c3bb11e 
 2011/i586/libsmbsharemodes0-3.5.10-1.4-mdv2011.0.i586.rpm
 df655d84b95e65c04094fc9de5f67374 
 2011/i586/libsmbsharemodes-devel-3.5.10-1.4-mdv2011.0.i586.rpm
 a08232624445575b64cd150b586bdd4f 
 2011/i586/libwbclient0-3.5.10-1.4-mdv2011.0.i586.rpm
 a2c1891f7535486078fedd3b494ea35a 
 2011/i586/libwbclient-devel-3.5.10-1.4-mdv2011.0.i586.rpm
 9717c8ae84e8d733ab92e1e97832cb03 
 2011/i586/mount-cifs-3.5.10-1.4-mdv2011.0.i586.rpm
 9f462089bf495a1385f9595be8f38a4b 
 2011/i586/nss_wins-3.5.10-1.4-mdv2011.0.i586.rpm
 bda6ed4ba70f3de2c84af5cea1fb1753 
 2011/i586/samba-client-3.5.10-1.4-mdv2011.0.i586.rpm
 fd24724fbca4f7261441d705bb4deefe 
 2011/i586/samba-common-3.5.10-1.4-mdv2011.0.i586.rpm
 298e0b0d7f8112fcfd5389167d4aa116 
 2011/i586/samba-doc-3.5.10-1.4-mdv2011.0.noarch.rpm
 18a97a0732bd6a325a43651772372b93 
 2011/i586/samba-domainjoin-gui-3.5.10-1.4-mdv2011.0.i586.rpm
 d78840021cb9c2e337d351ae2a5e28f1 
 2011/i586/samba-server-3.5.10-1.4-mdv2011.0.i586.rpm
 cfccaf5cea2f8b13c0bd11b1deb840d5 
 2011/i586/samba-swat-3.5.10-1.4-mdv2011.0.i586.rpm
 3f8f4066d31e06245057d8c6ff220d82 
 2011/i586/samba-winbind-3.5.10-1.4-mdv2011.0.i586.rpm 
 0daa824cde5e03439510446ff051278a  2011/SRPMS/samba-3.5.10-1.4.src.rpm

 Mandriva Linux 2011/X86_64:
 3f044d5ee408e0dfca4e01745775157c 
 2011/x86_64/lib64netapi0-3.5.10-1.4-mdv2011.0.x86_64.rpm
 b421666a4ec8aec341f3610e8d8afa31 
 2011/x86_64/lib64netapi-devel-3.5.10-1.4-mdv2011.0.x86_64.rpm
 737222348522a66313156a9ca4a4dc80 
 2011/x86_64/lib64smbclient0-3.5.10-1.4-mdv2011.0.x86_64.rpm
 714cb04ab58729c81a636ee34b13f69c 
 2011/x86_64/lib64smbclient0-devel-3.5.10-1.4-mdv2011.0.x86_64.rpm
 b50f5d7e44a50af4d8864b9af6c3474e 
 2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.4-mdv2011.0.x86_64.rpm
 8d683f397cfa3a296636c1aa2f3c04fe 
 2011/x86_64/lib64smbsharemodes0-3.5.10-1.4-mdv2011.0.x86_64.rpm
 ba6ff1a2e120671055963982e91d6cbb 
 2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.4-mdv2011.0.x86_64.rpm
 a60211a6f145e5a1ad5e2cf53fff00ef 
 2011/x86_64/lib64wbclient0-3.5.10-1.4-mdv2011.0.x86_64.rpm
 db7fb0112482c2d6d876875d82783891 
 2011/x86_64/lib64wbclient-devel-3.5.10-1.4-mdv2011.0.x86_64.rpm
 d308c1fb14b28e7e5d11751e335850c7 
 2011/x86_64/mount-cifs-3.5.10-1.4-mdv2011.0.x86_64.rpm
 4ecd920c885bc488f588583bafc5309c 
 2011/x86_64/nss_wins-3.5.10-1.4-mdv2011.0.x86_64.rpm
 1e4912e503c2605396912d5b1cf7d3df 
 2011/x86_64/samba-client-3.5.10-1.4-mdv2011.0.x86_64.rpm
 692860bddb8c29b4c6346b9f629492d7 
 2011/x86_64/samba-common-3.5.10-1.4-mdv2011.0.x86_64.rpm
 2a9cd80a395684648cf39a87be91e1a6 
 2011/x86_64/samba-doc-3.5.10-1.4-mdv2011.0.noarch.rpm
 0709f4f6c4d558988c91c53f81ec2019 
 2011/x86_64/samba-domainjoin-gui-3.5.10-1.4-mdv2011.0.x86_64.rpm
 f7a2b292435ddcc9dd65cb8cf8fbb1dc 
 2011/x86_64/samba-server-3.5.10-1.4-mdv2011.0.x86_64.rpm
 cb7b14c758d14c66a386c0b12a88f2a9 
 2011/x86_64/samba-swat-3.5.10-1.4-mdv2011.0.x86_64.rpm
 2d2454f87d6a3abeb2c3425cb7cd0444 
 2011/x86_64/samba-winbind-3.5.10-1.4-mdv2011.0.x86_64.rpm 
 0daa824cde5e03439510446ff051278a  2011/SRPMS/samba-3.5.10-1.4.src.rpm

 Mandriva Enterprise Server 5:
 be19a4f4a8b74f24e1aa7f67f63f571c 
 mes5/i586/libnetapi0-3.3.12-0.11mdvmes5.2.i586.rpm
 10f5accdadbef81987db876c4de5dead 
 mes5/i586/libnetapi-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 a81f1317b39c476f799ad590aac319de 
 mes5/i586/libsmbclient0-3.3.12-0.11mdvmes5.2.i586.rpm
 7bfa0d6c08099da0e636daa65df26776 
 mes5/i586/libsmbclient0-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 89c58c63ab9372bd72af479c50d95c44 
 mes5/i586/libsmbclient0-static-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 3a0fdb0a5482e8422fe045b374f1708f 
 mes5/i586/libsmbsharemodes0-3.3.12-0.11mdvmes5.2.i586.rpm
 d311c9ac3ede016b5e372a22c52c70fd 
 mes5/i586/libsmbsharemodes-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 503c8aa874af178408c8fd970d4db84d 
 mes5/i586/libtalloc1-3.3.12-0.11mdvmes5.2.i586.rpm
 50bfda07dcea421f9470885c83ef17c7 
 mes5/i586/libtalloc-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 30e840ed8ea8854181a1428a4eb5e020 
 mes5/i586/libtdb1-3.3.12-0.11mdvmes5.2.i586.rpm
 de440f6cbcd2a9ad6e84dd25b986a16d 
 mes5/i586/libtdb-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 b1eb0d27b547e9b7b4ea073d58862d5d 
 mes5/i586/libwbclient0-3.3.12-0.11mdvmes5.2.i586.rpm
 839e95288699fc4c2b1a7c9cb571332f 
 mes5/i586/libwbclient-devel-3.3.12-0.11mdvmes5.2.i586.rpm
 5c69caa8d771b991694e1c8e60b92e59 
 mes5/i586/mount-cifs-3.3.12-0.11mdvmes5.2.i586.rpm
 9b71cab4d3885f70b45e0c00565659df 
 mes5/i586/nss_wins-3.3.12-0.11mdvmes5.2.i586.rpm
 ac9a03903932ec6b5d7d2e55838a44d6 
 mes5/i586/samba-client-3.3.12-0.11mdvmes5.2.i586.rpm
 ce5892a23c0fd1d918a28755f610c18e 
 mes5/i586/samba-common-3.3.12-0.11mdvmes5.2.i586.rpm
 3a90bdf522a33011b30af17f4f14c7ef 
 mes5/i586/samba-doc-3.3.12-0.11mdvmes5.2.i586.rpm
 6ffa2ac33dae9b28ed9ba2245e1c36d5 
 mes5/i586/samba-server-3.3.12-0.11mdvmes5.2.i586.rpm
 42d7e185c0de24f19e41b621184ffad2 
 mes5/i586/samba-swat-3.3.12-0.11mdvmes5.2.i586.rpm
 783f7b52940f8f11c56f8b7a97f39f30 
 mes5/i586/samba-winbind-3.3.12-0.11mdvmes5.2.i586.rpm 
 35d2ee499ef3df0bb9373d071d0693d4 
 mes5/SRPMS/samba-3.3.12-0.11mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 39fc6cdd82c1a7b3080b91f99244c670 
 mes5/x86_64/lib64netapi0-3.3.12-0.11mdvmes5.2.x86_64.rpm
 ae253c529c53dcb9707f8dea9a771eba 
 mes5/x86_64/lib64netapi-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 29676178fe82b68c035835f83031cdfb 
 mes5/x86_64/lib64smbclient0-3.3.12-0.11mdvmes5.2.x86_64.rpm
 f75dbfe5488dfaab26a79051e7c2fc03 
 mes5/x86_64/lib64smbclient0-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 9c2560d04d3d78be84c82828412015dd 
 mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 fbf1eef5913ba47abd8ac6ae5a262b0e 
 mes5/x86_64/lib64smbsharemodes0-3.3.12-0.11mdvmes5.2.x86_64.rpm
 cad5fe7fc36b6a1b162b1678182d5dba 
 mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 db7c7d6d6f6171d94c99306aa84a1828 
 mes5/x86_64/lib64talloc1-3.3.12-0.11mdvmes5.2.x86_64.rpm
 08360d58c1a9c653ebfb8cf53706a620 
 mes5/x86_64/lib64talloc-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 15f0c69ed8198ff18deef06e2ff940e5 
 mes5/x86_64/lib64tdb1-3.3.12-0.11mdvmes5.2.x86_64.rpm
 77a224b2c614b7e049afdf32e93ab9c1 
 mes5/x86_64/lib64tdb-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 25e205ed9f03543ad3c2dd21213b2e37 
 mes5/x86_64/lib64wbclient0-3.3.12-0.11mdvmes5.2.x86_64.rpm
 09879e87b061583c84a79a43a8d85667 
 mes5/x86_64/lib64wbclient-devel-3.3.12-0.11mdvmes5.2.x86_64.rpm
 d3406c522d5b102857ad175cacb6fb67 
 mes5/x86_64/mount-cifs-3.3.12-0.11mdvmes5.2.x86_64.rpm
 97a012362587a935db7a56db17821866 
 mes5/x86_64/nss_wins-3.3.12-0.11mdvmes5.2.x86_64.rpm
 a3e03c2adcd914dc95f1b71e80755056 
 mes5/x86_64/samba-client-3.3.12-0.11mdvmes5.2.x86_64.rpm
 826b735f11155e5a0844f1f61cfb5b90 
 mes5/x86_64/samba-common-3.3.12-0.11mdvmes5.2.x86_64.rpm
 479cdc218b631aea27be2ce973fff469 
 mes5/x86_64/samba-doc-3.3.12-0.11mdvmes5.2.x86_64.rpm
 1294d3d23b3a9dff87710d0866268022 
 mes5/x86_64/samba-server-3.3.12-0.11mdvmes5.2.x86_64.rpm
 4b2facee8d95e35bb4b379064ed9028e 
 mes5/x86_64/samba-swat-3.3.12-0.11mdvmes5.2.x86_64.rpm
 4923ee42187ce395a15d35494904c99f 
 mes5/x86_64/samba-winbind-3.3.12-0.11mdvmes5.2.x86_64.rpm 
 35d2ee499ef3df0bb9373d071d0693d4 
 mes5/SRPMS/samba-3.3.12-0.11mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFRG3AfmqjQ0CJFipgRAjXeAKCeNQY4c0FiPWj5o775On9qa9YJJgCg3E9g
aVdWPexeS13orNHBVppHHV8=
=r9Nx
-----END PGP SIGNATURE-----


------------=_1360764378-3376-343
Content-Type: text/plain; charset="UTF-8";
 name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://store.mandriva.com
_______________________________________________________


------------=_1360764378-3376-343--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung