ID CVE-2014-3493
Summary The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
References
Vulnerable Configurations
  • Samba 3.6.0
    cpe:2.3:a:samba:samba:3.6.0
  • Samba 3.6.1
    cpe:2.3:a:samba:samba:3.6.1
  • Samba 3.6.2
    cpe:2.3:a:samba:samba:3.6.2
  • Samba 3.6.3
    cpe:2.3:a:samba:samba:3.6.3
  • Samba 3.6.4
    cpe:2.3:a:samba:samba:3.6.4
  • Samba 3.6.5
    cpe:2.3:a:samba:samba:3.6.5
  • Samba 3.6.6
    cpe:2.3:a:samba:samba:3.6.6
  • Samba 3.6.7
    cpe:2.3:a:samba:samba:3.6.7
  • Samba 3.6.8
    cpe:2.3:a:samba:samba:3.6.8
  • Samba 3.6.9
    cpe:2.3:a:samba:samba:3.6.9
  • Samba 3.6.10
    cpe:2.3:a:samba:samba:3.6.10
  • Samba 3.6.11
    cpe:2.3:a:samba:samba:3.6.11
  • Samba 3.6.12
    cpe:2.3:a:samba:samba:3.6.12
  • Samba 3.6.13
    cpe:2.3:a:samba:samba:3.6.13
  • Samba 3.6.14
    cpe:2.3:a:samba:samba:3.6.14
  • Samba 3.6.15
    cpe:2.3:a:samba:samba:3.6.15
  • Samba 3.6.16
    cpe:2.3:a:samba:samba:3.6.16
  • Samba 3.6.17
    cpe:2.3:a:samba:samba:3.6.17
  • Samba 3.6.18
    cpe:2.3:a:samba:samba:3.6.18
  • Samba 3.6.19
    cpe:2.3:a:samba:samba:3.6.19
  • Samba 3.6.20
    cpe:2.3:a:samba:samba:3.6.20
  • Samba 3.6.21
    cpe:2.3:a:samba:samba:3.6.21
  • Samba 3.6.22
    cpe:2.3:a:samba:samba:3.6.22
  • Samba 3.6.23
    cpe:2.3:a:samba:samba:3.6.23
  • Samba 4.1.0
    cpe:2.3:a:samba:samba:4.1.0
  • Samba 4.1.1
    cpe:2.3:a:samba:samba:4.1.1
  • Samba 4.1.2
    cpe:2.3:a:samba:samba:4.1.2
  • Samba 4.1.3
    cpe:2.3:a:samba:samba:4.1.3
  • Samba 4.1.4
    cpe:2.3:a:samba:samba:4.1.4
  • Samba 4.1.5
    cpe:2.3:a:samba:samba:4.1.5
  • Samba 4.1.6
    cpe:2.3:a:samba:samba:4.1.6
  • Samba 4.1.7
    cpe:2.3:a:samba:samba:4.1.7
  • Samba 4.1.8
    cpe:2.3:a:samba:samba:4.1.8
  • Samba 4.0.0
    cpe:2.3:a:samba:samba:4.0.0
  • Samba 4.0.1
    cpe:2.3:a:samba:samba:4.0.1
  • Samba 4.0.2
    cpe:2.3:a:samba:samba:4.0.2
  • Samba 4.0.3
    cpe:2.3:a:samba:samba:4.0.3
  • Samba 4.0.4
    cpe:2.3:a:samba:samba:4.0.4
  • Samba 4.0.5
    cpe:2.3:a:samba:samba:4.0.5
  • Samba 4.0.6
    cpe:2.3:a:samba:samba:4.0.6
  • Samba 4.0.7
    cpe:2.3:a:samba:samba:4.0.7
  • Samba 4.0.8
    cpe:2.3:a:samba:samba:4.0.8
  • Samba 4.0.9
    cpe:2.3:a:samba:samba:4.0.9
  • Samba 4.0.10
    cpe:2.3:a:samba:samba:4.0.10
  • Samba 4.0.11
    cpe:2.3:a:samba:samba:4.0.11
  • Samba 4.0.12
    cpe:2.3:a:samba:samba:4.0.12
  • Samba 4.0.13
    cpe:2.3:a:samba:samba:4.0.13
  • Samba 4.0.14
    cpe:2.3:a:samba:samba:4.0.14
  • Samba 4.0.15
    cpe:2.3:a:samba:samba:4.0.15
  • Samba 4.0.16
    cpe:2.3:a:samba:samba:4.0.16
  • Samba 4.0.17
    cpe:2.3:a:samba:samba:4.0.17
  • Samba 4.0.18
    cpe:2.3:a:samba:samba:4.0.18
CVSS
Base: 2.7 (as of 21-10-2015 - 09:23)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_6AD309D9FB0311E3BEBD000C2980A9F3.NASL
    description The samba project reports : A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76196
    published 2014-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76196
    title FreeBSD : samba -- multiple vulnerabilities (6ad309d9-fb03-11e3-bebd-000c2980a9f3)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0866.NASL
    description From Red Hat Security Advisory 2014:0866 : Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 76443
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76443
    title Oracle Linux 5 / 6 : samba / samba3x (ELSA-2014-0866)
  • NASL family Misc.
    NASL id SAMBA_4_1_9.NASL
    description According to its banner, the version of Samba on the remote host is 3.6.x prior to 3.6.24, 4.0.x prior to 4.0.19, or 4.1.x prior to 4.1.9. It is, therefore, affected by the following vulnerabilities : - A denial of service flaw exists with 'nmbd'. A remote attacker, with a specially crafted packet, could cause the CPU to loop the same code segment, preventing further NetBIOS name services. (CVE-2014-0244) - A denial of service flaw exists with 'smbd' when an authenticated client makes a non-unicode request for a valid unicode path. An invalid return code from the conversion of bad unicode to Windows character set can cause memory at an offset from the expected return buffer to be overwritten. This could allow a remote authenticated attacker to cause a denial of service. (CVE-2014-3493) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 76202
    published 2014-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76202
    title Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201502-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-201502-15 (Samba: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, bypass intended file restrictions, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2016-01-10
    plugin id 81536
    published 2015-02-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81536
    title GLSA-201502-15 : Samba: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9132.NASL
    description Update to Samba 4.0.21. CVE-2014-3560. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-10
    plugin id 77268
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77268
    title Fedora 19 : samba-4.0.21-1.fc19 (2014-9132)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-7672.NASL
    description Update to Samba 4.1.9. Update to Samba 4.1.8 (CVE-2014-0178 samba: Uninitialized memory exposure) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-10
    plugin id 76223
    published 2014-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76223
    title Fedora 20 : samba-4.1.9-3.fc20 (2014-7672)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_CIFS-MOUNT-140627.NASL
    description Samba has been updated to fix two security issues and one non-security issue. These security issues have been fixed : - Fix segmentation fault in smbd_marshal_dir_entry()'s SMB_FIND_FILE_UNIXhandler. (CVE-2014-3493) - Fix nmbd denial of service. (CVE-2014-0244) - Fix malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (CVE-2014-0178) These non-security issues have been fixed : - Fix printer job purging; (bso#10612);. (bnc#879390)
    last seen 2019-02-21
    modified 2014-08-08
    plugin id 76523
    published 2014-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76523
    title SuSE 11.3 Security Update : Samba (SAT Patch Number 9451)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1009.NASL
    description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77013
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77013
    title RHEL 6 : samba4 (RHSA-2014:1009)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0867.NASL
    description Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) A flaw was found in the way Samba created responses for certain authenticated client requests when a shadow-copy VFS module was enabled. An attacker able to send an authenticated request could use this flaw to disclose limited portions of memory per each request. (CVE-2014-0178) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the original reporter of CVE-2014-0178, and Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76903
    published 2014-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76903
    title RHEL 7 : samba (RHSA-2014:0867)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1009.NASL
    description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77006
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77006
    title CentOS 6 : samba4 (CESA-2014:1009)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-450.NASL
    description samba was updated to version 4.1.9 to fix four security issues and various non-security bugs. These security issues were fixed : - Fix nmbd denial of service (CVE-2014-0244) - Fix segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler (CVE-2014-3493) - Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (CVE-2014-0178) - DNS: Don't reply to replies (CVE-2014-0239)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76341
    published 2014-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76341
    title openSUSE Security Update : samba (openSUSE-SU-2014:0859-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0867.NASL
    description From Red Hat Security Advisory 2014:0867 : Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) A flaw was found in the way Samba created responses for certain authenticated client requests when a shadow-copy VFS module was enabled. An attacker able to send an authenticated request could use this flaw to disclose limited portions of memory per each request. (CVE-2014-0178) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the original reporter of CVE-2014-0178, and Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 76740
    published 2014-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76740
    title Oracle Linux 7 : samba (ELSA-2014-0867)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-449.NASL
    description samba was updated to fix three security issues and two non-security issues. These security issues were fixed : - Fix segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler (CVE-2014-3493) - Fix nmbd denial of service (CVE-2014-0244) - Fix malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (CVE-2014-0178) These non-security issues were fixed : - Fix printer job purging; (bso#10612); (bnc#879390). - Package the get_printing_ticket binary with 0700 permissions on post-11.4 systems; (bnc#685093).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76340
    published 2014-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76340
    title openSUSE Security Update : samba (openSUSE-SU-2014:0857-1)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2014-175-04.NASL
    description New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen 2018-09-01
    modified 2014-08-08
    plugin id 76207
    published 2014-06-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76207
    title Slackware 14.0 / 14.1 / current : samba (SSA:2014-175-04)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2257-1.NASL
    description Christof Schmitt discovered that Samba incorrectly initialized a certain response field when vfs shadow copy was enabled. A remote authenticated attacker could use this issue to possibly obtain sensitive information. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. (CVE-2014-0178) It was discovered that the Samba internal DNS server incorrectly handled QR fields when processing incoming DNS messages. A remote attacker could use this issue to cause Samba to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0239) Daniel Berteaud discovered that the Samba NetBIOS name service daemon incorrectly handled certain malformed packets. A remote attacker could use this issue to cause Samba to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0244) Simon Arlott discovered that Samba incorrectly handled certain unicode path names. A remote authenticated attacker could use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2014-3493). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 76275
    published 2014-06-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76275
    title Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : samba vulnerabilities (USN-2257-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2966.NASL
    description Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS file, print, and login server : - CVE-2014-0178 Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled. - CVE-2014-0244 Denial of service (infinite CPU loop) in the nmbd Netbios name service daemon. A malformed packet can cause the nmbd server to enter an infinite loop, preventing it to process later requests to the Netbios name service. - CVE-2014-3493 Denial of service (daemon crash) in the smbd file server daemon. An authenticated user attempting to read a Unicode path using a non-Unicode request can force the daemon to overwrite memory at an invalid address.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76194
    published 2014-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76194
    title Debian DSA-2966-1 : samba - security update
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0866.NASL
    description Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76431
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76431
    title CentOS 5 / 6 : samba / samba3x (CESA-2014:0866)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1009.NASL
    description From Red Hat Security Advisory 2014:1009 : Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2016-04-27
    plugin id 77010
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77010
    title Oracle Linux 6 : samba4 (ELSA-2014-1009)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_SAMBA_20140915_2.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. (CVE-2014-0244) - The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. (CVE-2014-3493)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80769
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80769
    title Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-136.NASL
    description Updated samba packages fix security vulnerabilities : Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service (CVE-2014-0244). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server (CVE-2014-3493).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 76480
    published 2014-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76480
    title Mandriva Linux Security Advisory : samba (MDVSA-2014:136)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-082.NASL
    description Updated samba packages fix security vulnerabilities : In Samba before 3.6.23, the SAMR server neglects to ensure that attempted password changes will update the bad password count, and does not set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly. This is available without any other authentication (CVE-2013-4496). Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS ame service (CVE-2014-0244). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server (CVE-2014-3493). An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user) (CVE-2015-0240).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82335
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82335
    title Mandriva Linux Security Advisory : samba (MDVSA-2015:082)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140709_SAMBA_AND_SAMBA3X_ON_SL5_X.NASL
    description A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 76449
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76449
    title Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0867.NASL
    description Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) A flaw was found in the way Samba created responses for certain authenticated client requests when a shadow-copy VFS module was enabled. An attacker able to send an authenticated request could use this flaw to disclose limited portions of memory per each request. (CVE-2014-0178) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the original reporter of CVE-2014-0178, and Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76432
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76432
    title CentOS 7 : samba (CESA-2014:0867)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0866.NASL
    description Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76447
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76447
    title RHEL 5 / 6 : samba and samba3x (RHSA-2014:0866)
  • NASL family Misc.
    NASL id IBM_STORWIZE_1_5_0_2.NASL
    description The remote IBM Storwize device is running a version that is 1.3.x prior to 1.4.3.4 or 1.5.x prior to 1.5.0.2. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists due to a flaw in the bundled version of Apache HTTP Server. A remote attacker can exploit this, via partial HTTP requests, to cause a daemon outage, resulting in a denial of service condition. (CVE-2007-6750) - An HTTP request smuggling vulnerability exists due to a flaw in the bundled version of Apache Tomcat; when an HTTP connector or AJP connector is used, Tomcat fails to properly handle certain inconsistent HTTP request headers. A remote attacker can exploit this flaw, via multiple Content-Length headers or a Content-Length header and a 'Transfer-Encoding: chunked' header, to smuggle an HTTP request in one or more Content-Length headers. (CVE-2013-4286) - A denial of service vulnerability exists in the bundled version of Apache Tomcat due to improper processing of chunked transfer coding with a large amount of chunked data or whitespace characters in an HTTP header value within a trailer field. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2013-4322) - A denial of service vulnerability exists due to a flaw in the bundled version of Apache Tomcat; an integer overflow condition exists in the parseChunkHeader() function in ChunkedInputFilter.java. A remote attacker can exploit this, via a malformed chunk size that is part of a chunked request, to cause excessive consumption of resources, resulting in a denial of service condition. (CVE-2014-0075) - A remote code execution vulnerability exists due to a flaw in the bundled version of Apache Struts. A remote attacker can manipulate the ClassLoader via the class parameter, resulting in the execution of arbitrary Java code. (CVE-2014-0094) - An XML External Entity (XXE) injection vulnerability exists due to a flaw in the bundled version of Apache Tomcat; an incorrectly configured XML parser accepts XML external entities from an untrusted source via XSLT. A remote attacker can exploit this, by sending specially crafted XML data, to gain access to arbitrary files. (CVE-2014-0096) - An integer overflow condition exists in the bundled version of Apache Tomcat. A remote attacker, via a crafted Content-Length HTTP header, can conduct HTTP request smuggling attacks. (CVE-2014-0099) - An information disclosure vulnerability exists due to a flaw in the bundled version of Apache Tomcat. Tomcat fails to properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet. A remote attacker can exploit this, via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, to read arbitrary files. (CVE-2014-0119) - A flaw exists in a bundled version of Samba due to a flaw in the vfswrap_fsctl() function that is triggered when responding to FSCTL_GET_SHADOW_COPY_DATA or FSCTL_SRV_ENUMERATE_SNAPSHOTS client requests. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to disclose sensitive information from process memory. (CVE-2014-0178) - Multiple flaws exist in the bundled version of Mozilla Firefox that allow a remote attacker to execute arbitrary code. (CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) - An information disclosure vulnerability exists due to the chkauth password being saved in plaintext in the audit log. A local attacker can exploit this to gain administrator access. (CVE-2014-3077) - A denial of service vulnerability exists due to a flaw in the bundled version of Samba. An authenticated, remote attacker can exploit this, via an attempt to read a Unicode pathname without specifying the use of Unicode, to cause an application crash. (CVE-2014-3493) - A security bypass vulnerability exists due to an unspecified flaw. A remote attacker can exploit this flaw to reset the administrator password to its default value via a direct request to the administrative IP address. Note that this vulnerability only affects the 1.4.x release levels. (CVE-2014-4811)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 84401
    published 2015-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84401
    title IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities
redhat via4
advisories
  • bugzilla
    id 1108748
    title CVE-2014-3493 samba: smbd unicode path names denial of service
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment samba3x is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866002
          • comment samba3x is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488029
        • AND
          • comment samba3x-client is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866014
          • comment samba3x-client is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488043
        • AND
          • comment samba3x-common is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866006
          • comment samba3x-common is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488031
        • AND
          • comment samba3x-doc is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866008
          • comment samba3x-doc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488035
        • AND
          • comment samba3x-domainjoin-gui is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866004
          • comment samba3x-domainjoin-gui is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488041
        • AND
          • comment samba3x-swat is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866010
          • comment samba3x-swat is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488045
        • AND
          • comment samba3x-winbind is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866016
          • comment samba3x-winbind is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488053
        • AND
          • comment samba3x-winbind-devel is earlier than 0:3.6.6-0.140.el5_10
            oval oval:com.redhat.rhsa:tst:20140866012
          • comment samba3x-winbind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100488047
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment libsmbclient is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866040
          • comment libsmbclient is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860012
        • AND
          • comment libsmbclient-devel is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866044
          • comment libsmbclient-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860022
        • AND
          • comment samba is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866022
          • comment samba is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860006
        • AND
          • comment samba-client is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866034
          • comment samba-client is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860014
        • AND
          • comment samba-common is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866042
          • comment samba-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860016
        • AND
          • comment samba-doc is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866024
          • comment samba-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860026
        • AND
          • comment samba-domainjoin-gui is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866036
          • comment samba-domainjoin-gui is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860024
        • AND
          • comment samba-swat is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866028
          • comment samba-swat is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860008
        • AND
          • comment samba-winbind is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866032
          • comment samba-winbind is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860010
        • AND
          • comment samba-winbind-clients is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866030
          • comment samba-winbind-clients is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860020
        • AND
          • comment samba-winbind-devel is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866026
          • comment samba-winbind-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100860018
        • AND
          • comment samba-winbind-krb5-locator is earlier than 0:3.6.9-169.el6_5
            oval oval:com.redhat.rhsa:tst:20140866038
          • comment samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111221018
    rhsa
    id RHSA-2014:0866
    released 2014-07-09
    severity Moderate
    title RHSA-2014:0866: samba and samba3x security update (Moderate)
  • bugzilla
    id 1108748
    title CVE-2014-3493 samba: smbd unicode path names denial of service
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment libsmbclient is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867037
        • comment libsmbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860012
      • AND
        • comment libsmbclient-devel is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867031
        • comment libsmbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860022
      • AND
        • comment libwbclient is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867025
        • comment libwbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867026
      • AND
        • comment libwbclient-devel is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867007
        • comment libwbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867008
      • AND
        • comment samba is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867005
        • comment samba is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860006
      • AND
        • comment samba-client is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867041
        • comment samba-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860014
      • AND
        • comment samba-common is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867033
        • comment samba-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860016
      • AND
        • comment samba-dc is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867027
        • comment samba-dc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867028
      • AND
        • comment samba-dc-libs is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867013
        • comment samba-dc-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867014
      • AND
        • comment samba-devel is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867019
        • comment samba-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867020
      • AND
        • comment samba-libs is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867023
        • comment samba-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867024
      • AND
        • comment samba-pidl is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867021
        • comment samba-pidl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867022
      • AND
        • comment samba-python is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867009
        • comment samba-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867010
      • AND
        • comment samba-test is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867039
        • comment samba-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867040
      • AND
        • comment samba-test-devel is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867029
        • comment samba-test-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867030
      • AND
        • comment samba-vfs-glusterfs is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867043
        • comment samba-vfs-glusterfs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867044
      • AND
        • comment samba-winbind is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867035
        • comment samba-winbind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860010
      • AND
        • comment samba-winbind-clients is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867017
        • comment samba-winbind-clients is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860020
      • AND
        • comment samba-winbind-krb5-locator is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867011
        • comment samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111221018
      • AND
        • comment samba-winbind-modules is earlier than 0:4.1.1-35.el7_0
          oval oval:com.redhat.rhsa:tst:20140867015
        • comment samba-winbind-modules is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867016
    rhsa
    id RHSA-2014:0867
    released 2014-07-09
    severity Moderate
    title RHSA-2014:0867: samba security update (Moderate)
rpms
  • samba3x-0:3.6.6-0.140.el5_10
  • samba3x-client-0:3.6.6-0.140.el5_10
  • samba3x-common-0:3.6.6-0.140.el5_10
  • samba3x-doc-0:3.6.6-0.140.el5_10
  • samba3x-domainjoin-gui-0:3.6.6-0.140.el5_10
  • samba3x-swat-0:3.6.6-0.140.el5_10
  • samba3x-winbind-0:3.6.6-0.140.el5_10
  • samba3x-winbind-devel-0:3.6.6-0.140.el5_10
  • libsmbclient-0:3.6.9-169.el6_5
  • libsmbclient-devel-0:3.6.9-169.el6_5
  • samba-0:3.6.9-169.el6_5
  • samba-client-0:3.6.9-169.el6_5
  • samba-common-0:3.6.9-169.el6_5
  • samba-doc-0:3.6.9-169.el6_5
  • samba-domainjoin-gui-0:3.6.9-169.el6_5
  • samba-swat-0:3.6.9-169.el6_5
  • samba-winbind-0:3.6.9-169.el6_5
  • samba-winbind-clients-0:3.6.9-169.el6_5
  • samba-winbind-devel-0:3.6.9-169.el6_5
  • samba-winbind-krb5-locator-0:3.6.9-169.el6_5
  • libsmbclient-0:4.1.1-35.el7_0
  • libsmbclient-devel-0:4.1.1-35.el7_0
  • libwbclient-0:4.1.1-35.el7_0
  • libwbclient-devel-0:4.1.1-35.el7_0
  • samba-0:4.1.1-35.el7_0
  • samba-client-0:4.1.1-35.el7_0
  • samba-common-0:4.1.1-35.el7_0
  • samba-dc-0:4.1.1-35.el7_0
  • samba-dc-libs-0:4.1.1-35.el7_0
  • samba-devel-0:4.1.1-35.el7_0
  • samba-libs-0:4.1.1-35.el7_0
  • samba-pidl-0:4.1.1-35.el7_0
  • samba-python-0:4.1.1-35.el7_0
  • samba-test-0:4.1.1-35.el7_0
  • samba-test-devel-0:4.1.1-35.el7_0
  • samba-vfs-glusterfs-0:4.1.1-35.el7_0
  • samba-winbind-0:4.1.1-35.el7_0
  • samba-winbind-clients-0:4.1.1-35.el7_0
  • samba-winbind-krb5-locator-0:4.1.1-35.el7_0
  • samba-winbind-modules-0:4.1.1-35.el7_0
  • samba4-0:4.0.0-63.el6_5.rc4
  • samba4-client-0:4.0.0-63.el6_5.rc4
  • samba4-common-0:4.0.0-63.el6_5.rc4
  • samba4-dc-0:4.0.0-63.el6_5.rc4
  • samba4-dc-libs-0:4.0.0-63.el6_5.rc4
  • samba4-devel-0:4.0.0-63.el6_5.rc4
  • samba4-libs-0:4.0.0-63.el6_5.rc4
  • samba4-pidl-0:4.0.0-63.el6_5.rc4
  • samba4-python-0:4.0.0-63.el6_5.rc4
  • samba4-swat-0:4.0.0-63.el6_5.rc4
  • samba4-test-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-clients-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-krb5-locator-0:4.0.0-63.el6_5.rc4
refmap via4
bid 68150
bugtraq 20140711 [ MDVSA-2014:136 ] samba
confirm
fedora
  • FEDORA-2014-7672
  • FEDORA-2014-9132
gentoo GLSA-201502-15
mandriva
  • MDVSA-2014:136
  • MDVSA-2015:082
sectrack 1030455
secunia
  • 59378
  • 59407
  • 59433
  • 59579
  • 59834
  • 59848
  • 59919
  • 61218
Last major update 06-01-2017 - 22:00
Published 23-06-2014 - 10:55
Last modified 09-10-2018 - 15:44
Back to Top