drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in Samba
Name: |
Überschreiben von Dateien in Samba |
|
ID: |
USN-3939-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10 |
|
Datum: |
Mo, 8. April 2019, 16:57 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 |
|
Applikationen: |
Samba |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============2185983665185351232== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NkWQWzWGPMvVzVnQealGM6SR1gIOpB8LM"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NkWQWzWGPMvVzVnQealGM6SR1gIOpB8LM Content-Type: multipart/mixed; boundary="NJM8yniE5pJJYgzVRuaph3eG0CC1OFaoA"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <3b5379dc-eb56-a55c-a025-eed11edbf00f@canonical.com> Subject: [USN-3939-1] Samba vulnerability
--NJM8yniE5pJJYgzVRuaph3eG0CC1OFaoA Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3939-1 April 08, 2019
samba vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Samba could be made to create files in unexpected locations.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
Michael Hanselmann discovered that Samba incorrectly handled registry files. A remote attacker could possibly use this issue to create new registry files outside of the share, contrary to expectations.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: libsmbclient 2:4.8.4+dfsg-2ubuntu2.3 samba 2:4.8.4+dfsg-2ubuntu2.3
Ubuntu 18.04 LTS: libsmbclient 2:4.7.6+dfsg~ubuntu-0ubuntu2.9 samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.9
Ubuntu 16.04 LTS: libsmbclient 2:4.3.11+dfsg-0ubuntu0.16.04.19 samba 2:4.3.11+dfsg-0ubuntu0.16.04.19
Ubuntu 14.04 LTS: libsmbclient 2:4.3.11+dfsg-0ubuntu0.14.04.20 samba 2:4.3.11+dfsg-0ubuntu0.14.04.20
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3939-1 CVE-2019-3880
Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.8.4+dfsg-2ubuntu2.3 https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.9 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.19 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.20
--NJM8yniE5pJJYgzVRuaph3eG0CC1OFaoA--
--NkWQWzWGPMvVzVnQealGM6SR1gIOpB8LM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlyrWYEACgkQZWnYVadE vpN/QRAAtX2XKkOOrseGc4P5Lb/TP6bIDcz9EZcwqq5px+eAb0idJeMrBZUIcP6j /FX/++1igbz37cfT3o+mdqSLxOwef8Jjg/h4/8qENpPme2hxZUMc2x4112Sd1vBi GdXQ+85wvujBE7djckO8DFTPjuwEsOxjVZdsnk+YVjdP/GF1Gzo+yxkj6NTaA42f 7Ofpkhdc4Fd6rSHt38c/7Tr+1EgqkTwxr8Qx9iT5ZtKlbp4cTHC72A1cPkCmevKW mEHKqJXQGxPtVUzyJFA6v/oLeWrFHDlELV/39BT6JE/YLf2lejq7MOOJ9LIHg1i5 4y9eXmDoLA3tDktOAWICjf4zET+rbiXLEOgMwDwxMlK7okavIrfVb6z7NVBw5rK2 ohLGOIlNiDlUfY+ryUVqWosIhnJYrwzwXUTTyMblp8kNKc/XhQDM62gQcaSTMFBG VkuohdPiMOj6xI0drFLXG20yu0t+qY7kX4gGs/XJjfhLeY+YhcWvdKiE6kTZGmPY ClTXSujHnEtYzcyO0vXNBqIjDvhj71JpotLzMrput+wz6AlzPiixEwgY9FQvD4A8 4QcId7YkredK9VAtOKOJBYWZt4Qlq9rZnjr2flU6jRLGzw9IdJ5HWhhfd3sr1Atx b8IiD7edFGdBKQn+Kdseu1QRBHNhbNzS+0Xq9UTOjUw2+xKZ/qc= =ZdTD -----END PGP SIGNATURE-----
--NkWQWzWGPMvVzVnQealGM6SR1gIOpB8LM--
--===============2185983665185351232== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============2185983665185351232==--
|
|
|
|