ID CVE-2014-3560
Summary NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • Red Hat Enterprise Linux 6
    cpe:2.3:o:redhat:enterprise_linux:6
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Samba 4.1.10
    cpe:2.3:a:samba:samba:4.1.10
  • Samba 4.1.0
    cpe:2.3:a:samba:samba:4.1.0
  • Samba 4.1.1
    cpe:2.3:a:samba:samba:4.1.1
  • Samba 4.1.2
    cpe:2.3:a:samba:samba:4.1.2
  • Samba 4.1.3
    cpe:2.3:a:samba:samba:4.1.3
  • Samba 4.1.4
    cpe:2.3:a:samba:samba:4.1.4
  • Samba 4.1.5
    cpe:2.3:a:samba:samba:4.1.5
  • Samba 4.1.6
    cpe:2.3:a:samba:samba:4.1.6
  • Samba 4.1.7
    cpe:2.3:a:samba:samba:4.1.7
  • Samba 4.1.8
    cpe:2.3:a:samba:samba:4.1.8
  • Samba 4.1.9
    cpe:2.3:a:samba:samba:4.1.9
  • Samba 4.0.20
    cpe:2.3:a:samba:samba:4.0.20
  • Samba 4.0.0
    cpe:2.3:a:samba:samba:4.0.0
  • Samba 4.0.1
    cpe:2.3:a:samba:samba:4.0.1
  • Samba 4.0.10
    cpe:2.3:a:samba:samba:4.0.10
  • Samba 4.0.11
    cpe:2.3:a:samba:samba:4.0.11
  • Samba 4.0.12
    cpe:2.3:a:samba:samba:4.0.12
  • Samba 4.0.13
    cpe:2.3:a:samba:samba:4.0.13
  • Samba 4.0.14
    cpe:2.3:a:samba:samba:4.0.14
  • Samba 4.0.15
    cpe:2.3:a:samba:samba:4.0.15
  • Samba 4.0.16
    cpe:2.3:a:samba:samba:4.0.16
  • Samba 4.0.17
    cpe:2.3:a:samba:samba:4.0.17
  • Samba 4.0.18
    cpe:2.3:a:samba:samba:4.0.18
  • Samba 4.0.19
    cpe:2.3:a:samba:samba:4.0.19
  • Samba 4.0.2
    cpe:2.3:a:samba:samba:4.0.2
  • Samba 4.0.3
    cpe:2.3:a:samba:samba:4.0.3
  • Samba 4.0.4
    cpe:2.3:a:samba:samba:4.0.4
  • Samba 4.0.5
    cpe:2.3:a:samba:samba:4.0.5
  • Samba 4.0.6
    cpe:2.3:a:samba:samba:4.0.6
  • Samba 4.0.7
    cpe:2.3:a:samba:samba:4.0.7
  • Samba 4.0.8
    cpe:2.3:a:samba:samba:4.0.8
  • Samba 4.0.9
    cpe:2.3:a:samba:samba:4.0.9
CVSS
Base: 7.9 (as of 07-08-2014 - 08:06)
Impact:
Exploitability:
CWE CWE-94
CAPEC
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating User-Controlled Variables
    This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
Access
VectorComplexityAuthentication
ADJACENT_NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2305-1.NASL
    description Volker Lendecke discovered that the Samba NetBIOS name service daemon incorrectly handled certain memory operations. A remote attacker could use this issue to execute arbitrary code as the root user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 76991
    published 2014-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76991
    title Ubuntu 14.04 LTS : samba vulnerability (USN-2305-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1008.NASL
    description From Red Hat Security Advisory 2014:1008 : Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) This update also fixes the following bug : * Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490) All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 77009
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77009
    title Oracle Linux 7 : samba (ELSA-2014-1008)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1008.NASL
    description Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) This update also fixes the following bug : * Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490) All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77058
    published 2014-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77058
    title CentOS 7 : samba (CESA-2014:1008)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9141.NASL
    description resolves: #1126015 - Fix CVE-2014-3560 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 77073
    published 2014-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77073
    title Fedora 20 : samba-4.1.9-4.fc20 (2014-9141)
  • NASL family Misc.
    NASL id SAMBA_4_1_11.NASL
    description According to its banner, the version of Samba on the remote host is 4.x prior to 4.0.21 / 4.1.11. It is, therefore, affected by a flaw in the NetBIOS name services daemon (nmbd). This flaw may allow an attacker to execute arbitrary code as the superuser. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 76973
    published 2014-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76973
    title Samba 4.x < 4.0.21 / 4.1.11 nmbd Remote Code Execution
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-507.NASL
    description This samba update fixes the following security and non security issues : - Fix winbind service parameter usage; (bnc#890005). - lib/param: change the default for 'winbind expand groups' to '0'; (bnc#890008). - Update to 4.1.11. + A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon; CVE-2014-3560; (bnc#889429). - Fix 'net time' segfault; (bso#10728); (bnc#889539). - Update to 4.1.10. + net/doc: Make clear that net vampire is for NT4 domains only; (bso#3263). + dbcheck: Add check and test for various invalid userParameters values; (bso#8077). + s4:dsdb/samldb: Don't allow 'userParameters' to be modified over LDAP for now; (bso#8077). + Simple use case results in 'no talloc stackframe around, leaking memory' error; (bso#8449). + s4:dsdb/repl_meta_data: Make sure objectGUID can't be deleted; (bso#9763). + dsdb: Always store and return the userParameters as a array of LE 16-bit values; (bso#10130). + s4:repl_meta_data: fix array assignment in replmd_process_linked_attribute(); (bso#10294). + ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory(); (bso#10469). + dbchecker: Verify and fix broken dn values; (bso#10536). + dsdb: Rename private_data to rootdse_private_data in rootdse; (bso#10582). + s3: libsmbclient: Work around bugs in SLES cifsd and Apple smbx SMB1 servers; (bso#10587). + Fix 'PANIC: assert failed at ../source3/smbd/open.c(1582): ret'; (bso#10593). + rid_array used before status checked - segmentation fault due to NULL pointer dereference; (bso#10627). + Samba won't start on a machine configured with only IPv4; (bso#10653). + msg_channel: Fix a 100% CPU loop; (bso#10663). + s3: smbd: Prevent file truncation on an open that fails with share mode violation; (bso#10671); (bnc#884056). + s3: SMB2: Fix leak of blocking lock records in the database; (bso#10673). + samba-tool: Add --site parameter to provision command; (bso#10674). + smbstatus: Fix an uninitialized variable; (bso#10680). + SMB1 blocking locks can fail notification on unlock, causing client timeout; (bso#10684). + s3: smbd: Locking, fix off-by one calculation in brl_pending_overlap(); (bso#10685). + 'RW2' smbtorture test fails when -N is set to 2 due to the invalid status check in the second client; (bso#10687). + wbcCredentialCache fails if challenge_blob is not first; (bso#10692). + Backport ldb-1.1.17 + changes from master; (bso#10693). + Fix SEGV from improperly formed SUBSTRING/PRESENCE filter; (bso#10693). + ldb: Add a env variable to disable RTLD_DEEPBIND; (bso#10693). + ldb: Do not build libldb-cmdline when using system ldb; (bso#10693). + ldb: Fix 1138330 Dereference null return value, fix CIDs 241329, 240798, 1034791, 1034792 1034910, 1034910); (bso#10693). + ldb: make the successful ldb_transaction_start() message clearer; (bso#10693). + ldb:pyldb: Add some more helper functions for LdbDn; (bso#10693). + ldb: Use of NULL pointer bugfix; (bso#10693). + lib/ldb: Fix compiler warnings; (bso#10693). + pyldb: Decrement ref counters on py_results and quiet warnings; (bso#10693). + s4-openldap: Remove use of talloc_reference in ldb_map_outbound.c; (bso#10693). + dsdb: Return NO_SUCH_OBJECT if a basedn is a deleted object; (bso#10694). + s4:dsdb/extended_dn_in: Don't force DSDB_SEARCH_SHOW_RECYCLED; (bso#10694). + Backport autobuild/selftest fixes from master; (bso#10696). + Backport drs-crackname fixes from master; (bso#10698). + smbd: Avoid double-free in get_print_db_byname; (bso#10699). + Backport access check related fixes from master; (bso#10700). + Backport provision fixes from master; (bso#10703). + s3:smb2_read: let smb2_sendfile_send_data() behave like send_file_readX(); (bso#10706). + s3: Fix missing braces in nfs4_acls.c. - Add missing newline to debug message in daemon_ready(); (bnc#865627). - BuildRequire systemd-devel, configure --with-systemd, and modify the service files accordingly on post-12.2 systems; (bso#10517); (bnc#865627). - Prevent file truncation on an open that fails with share mode violation; (bso#10671); (bnc#884056). Dependend libraries were version updated : libtdb was updated to version 1.3.0. (lots of bugfixes, some new functionality) libtevent was updated to 0.9.21. (lots of bugfixes, some new functionality) libldb was updated to to 1.1.17 (lots of bugfixes, some new functionality) libtalloc was updated to 2.1.1. (lots of bugfixes, some new functionality)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77296
    published 2014-08-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77296
    title openSUSE Security Update : samba (openSUSE-SU-2014:1040-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_89FF45E31A5711E4BEBD000C2980A9F3.NASL
    description Samba developers report : A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 76985
    published 2014-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76985
    title FreeBSD : samba -- remote code execution (89ff45e3-1a57-11e4-bebd-000c2980a9f3)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1008.NASL
    description Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) This update also fixes the following bug : * Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490) All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77012
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77012
    title RHEL 7 : samba (RHSA-2014:1008)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2014-213-01.NASL
    description New samba packages are available for Slackware 14.1 and -current to fix a security issue.
    last seen 2019-02-21
    modified 2015-01-25
    plugin id 76974
    published 2014-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76974
    title Slackware 14.1 / current : samba (SSA:2014-213-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9132.NASL
    description Update to Samba 4.0.21. CVE-2014-3560. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-10
    plugin id 77268
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77268
    title Fedora 19 : samba-4.0.21-1.fc19 (2014-9132)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140805_SAMBA4_ON_SL6_X.NASL
    description A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 77017
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77017
    title Scientific Linux Security Update : samba4 on SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1009.NASL
    description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77013
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77013
    title RHEL 6 : samba4 (RHSA-2014:1009)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1009.NASL
    description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77006
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77006
    title CentOS 6 : samba4 (CESA-2014:1009)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1009.NASL
    description From Red Hat Security Advisory 2014:1009 : Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
    last seen 2019-02-21
    modified 2016-04-27
    plugin id 77010
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77010
    title Oracle Linux 6 : samba4 (ELSA-2014-1009)
redhat via4
advisories
  • bugzilla
    id 1126010
    title CVE-2014-3560 samba: remote code execution in nmbd
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment libsmbclient is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008033
        • comment libsmbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860012
      • AND
        • comment libsmbclient-devel is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008041
        • comment libsmbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860022
      • AND
        • comment libwbclient is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008007
        • comment libwbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867026
      • AND
        • comment libwbclient-devel is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008039
        • comment libwbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867008
      • AND
        • comment samba is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008005
        • comment samba is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860006
      • AND
        • comment samba-client is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008015
        • comment samba-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860014
      • AND
        • comment samba-common is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008031
        • comment samba-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860016
      • AND
        • comment samba-dc is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008027
        • comment samba-dc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867028
      • AND
        • comment samba-dc-libs is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008023
        • comment samba-dc-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867014
      • AND
        • comment samba-devel is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008019
        • comment samba-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867020
      • AND
        • comment samba-libs is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008009
        • comment samba-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867024
      • AND
        • comment samba-pidl is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008017
        • comment samba-pidl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867022
      • AND
        • comment samba-python is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008029
        • comment samba-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867010
      • AND
        • comment samba-test is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008035
        • comment samba-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867040
      • AND
        • comment samba-test-devel is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008021
        • comment samba-test-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867030
      • AND
        • comment samba-vfs-glusterfs is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008043
        • comment samba-vfs-glusterfs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867044
      • AND
        • comment samba-winbind is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008011
        • comment samba-winbind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860010
      • AND
        • comment samba-winbind-clients is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008013
        • comment samba-winbind-clients is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860020
      • AND
        • comment samba-winbind-krb5-locator is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008037
        • comment samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111221018
      • AND
        • comment samba-winbind-modules is earlier than 0:4.1.1-37.el7_0
          oval oval:com.redhat.rhsa:tst:20141008025
        • comment samba-winbind-modules is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867016
    rhsa
    id RHSA-2014:1008
    released 2014-08-05
    severity Important
    title RHSA-2014:1008: samba security and bug fix update (Important)
  • bugzilla
    id 1126010
    title CVE-2014-3560 samba: remote code execution in nmbd
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment samba4 is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009005
        • comment samba4 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506006
      • AND
        • comment samba4-client is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009009
        • comment samba4-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506014
      • AND
        • comment samba4-common is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009029
        • comment samba4-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506022
      • AND
        • comment samba4-dc is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009011
        • comment samba4-dc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506020
      • AND
        • comment samba4-dc-libs is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009025
        • comment samba4-dc-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506028
      • AND
        • comment samba4-devel is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009013
        • comment samba4-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506026
      • AND
        • comment samba4-libs is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009023
        • comment samba4-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506010
      • AND
        • comment samba4-pidl is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009007
        • comment samba4-pidl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506032
      • AND
        • comment samba4-python is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009017
        • comment samba4-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506030
      • AND
        • comment samba4-swat is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009015
        • comment samba4-swat is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506016
      • AND
        • comment samba4-test is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009019
        • comment samba4-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506008
      • AND
        • comment samba4-winbind is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009021
        • comment samba4-winbind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506024
      • AND
        • comment samba4-winbind-clients is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009027
        • comment samba4-winbind-clients is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506012
      • AND
        • comment samba4-winbind-krb5-locator is earlier than 0:4.0.0-63.el6_5.rc4
          oval oval:com.redhat.rhsa:tst:20141009031
        • comment samba4-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130506018
    rhsa
    id RHSA-2014:1009
    released 2014-08-05
    severity Important
    title RHSA-2014:1009: samba4 security update (Important)
rpms
  • libsmbclient-0:4.1.1-37.el7_0
  • libsmbclient-devel-0:4.1.1-37.el7_0
  • libwbclient-0:4.1.1-37.el7_0
  • libwbclient-devel-0:4.1.1-37.el7_0
  • samba-0:4.1.1-37.el7_0
  • samba-client-0:4.1.1-37.el7_0
  • samba-common-0:4.1.1-37.el7_0
  • samba-dc-0:4.1.1-37.el7_0
  • samba-dc-libs-0:4.1.1-37.el7_0
  • samba-devel-0:4.1.1-37.el7_0
  • samba-libs-0:4.1.1-37.el7_0
  • samba-pidl-0:4.1.1-37.el7_0
  • samba-python-0:4.1.1-37.el7_0
  • samba-test-0:4.1.1-37.el7_0
  • samba-test-devel-0:4.1.1-37.el7_0
  • samba-vfs-glusterfs-0:4.1.1-37.el7_0
  • samba-winbind-0:4.1.1-37.el7_0
  • samba-winbind-clients-0:4.1.1-37.el7_0
  • samba-winbind-krb5-locator-0:4.1.1-37.el7_0
  • samba-winbind-modules-0:4.1.1-37.el7_0
  • samba4-0:4.0.0-63.el6_5.rc4
  • samba4-client-0:4.0.0-63.el6_5.rc4
  • samba4-common-0:4.0.0-63.el6_5.rc4
  • samba4-dc-0:4.0.0-63.el6_5.rc4
  • samba4-dc-libs-0:4.0.0-63.el6_5.rc4
  • samba4-devel-0:4.0.0-63.el6_5.rc4
  • samba4-libs-0:4.0.0-63.el6_5.rc4
  • samba4-pidl-0:4.0.0-63.el6_5.rc4
  • samba4-python-0:4.0.0-63.el6_5.rc4
  • samba4-swat-0:4.0.0-63.el6_5.rc4
  • samba4-test-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-clients-0:4.0.0-63.el6_5.rc4
  • samba4-winbind-krb5-locator-0:4.0.0-63.el6_5.rc4
refmap via4
bid 69021
confirm
fedora
  • FEDORA-2014-9132
  • FEDORA-2014-9141
sectrack 1030663
secunia
  • 59583
  • 59610
  • 59976
suse openSUSE-SU-2014:1040
ubuntu USN-2305-1
xf samba-cve20143560-bo(95081)
Last major update 06-01-2017 - 22:00
Published 06-08-2014 - 14:55
Last modified 28-08-2017 - 21:34
Back to Top