ID CVE-2017-2619
Summary Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
References
Vulnerable Configurations
  • Samba 4.4.11
    cpe:2.3:a:samba:samba:4.4.11
  • Samba 4.5.7
    cpe:2.3:a:samba:samba:4.5.7
  • Samba 4.6.1
    cpe:2.3:a:samba:samba:4.6.1
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • cpe:2.3:o:redhat:enterprise_linux:6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
CVSS
Base: 6.0
Impact:
Exploitability:
CWE CWE-59
CAPEC
  • Symlink Attack
    An attacker positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name. The endpoint file may be either output or input. If the file is output, the result is that the endpoint is modified, instead of a file at the intended location. Modifications to the endpoint file may include appending, overwriting, corrupting, changing permissions, or other modifications. In some variants of this attack the attacker may be able to control the change to a file while in other cases they cannot. The former is especially damaging since the attacker may be able to grant themselves increased privileges or insert false information, but the latter can also be damaging as it can expose sensitive information or corrupt or destroy vital system or application files. Alternatively, the endpoint file may serve as input to the targeted application. This can be used to feed malformed input into the target or to cause the target to process different information, possibly allowing the attacker to control the actions of the target or to cause the target to expose information to the attacker. Moreover, the actions taken on the endpoint file are undertaken with the permissions of the targeted user or application, which may exceed the permissions that the attacker would normally have.
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
exploit-db via4
description Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory. CVE-2017-2619. Remote exploit for Multiple platform
file exploits/multiple/remote/41740.txt
id EDB-ID:41740
last seen 2017-03-27
modified 2017-03-27
platform multiple
port
published 2017-03-27
reporter Exploit-DB
source https://www.exploit-db.com/download/41740/
title Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
type remote
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-1265.NASL
    description From Red Hat Security Advisory 2017:1265 : An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 100344
    published 2017-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100344
    title Oracle Linux 7 : samba (ELSA-2017-1265)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-2789.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163) Red Hat would like to thank the Samba project for reporting CVE-2017-2619 and CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 103385
    published 2017-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103385
    title CentOS 6 : samba (CESA-2017:2789)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170522_SAMBA_ON_SL7_X.NASL
    description Security Fix(es) : - It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) - A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 100350
    published 2017-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100350
    title Scientific Linux Security Update : samba on SL7.x x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1265.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100346
    published 2017-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100346
    title RHEL 7 : samba (RHSA-2017:1265)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-1265.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 101469
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101469
    title Virtuozzo 7 : ctdb / ctdb-tests / libsmbclient / etc (VZLSA-2017-1265)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-1265.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100329
    published 2017-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100329
    title CentOS 7 : samba (CESA-2017:1265)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2778.NASL
    description An update for samba is now available for Red Hat Gluster Storage 3.3 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory. (CVE-2017-9461) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619. Bug Fix(es) : * In the samba configuration, by default the 'posix locking' is enabled and 'stat cache' is disabled. Enabling 'posix locking' sends the file lock request to the bricks too, and disabling 'stat cache' blocks samba to cache certain information at the samba layer. This led to decrease in performance of SMB access of Red Hat Gluster Storage volumes As a fix, the following two options are included in the samba configuration file: posix locking = No stat cache = Yes Due to this, a slight improvement in the performance is observed. (BZ#1436265)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 103453
    published 2017-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103453
    title RHEL 6 : Storage Server (RHSA-2017:2778)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1105.NASL
    description According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) - A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) - A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 100698
    published 2017-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100698
    title EulerOS 2.0 SP2 : samba (EulerOS-SA-2017-1105)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-2789.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163) Red Hat would like to thank the Samba project for reporting CVE-2017-2619 and CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 119226
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119226
    title Virtuozzo 6 : libsmbclient / libsmbclient-devel / samba / etc (VZLSA-2017-2789)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2338.NASL
    description An update for samba is now available for Red Hat Gluster Storage 3.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory. (CVE-2017-9461) Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 102156
    published 2017-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102156
    title RHEL 7 : Red Hat Gluster Storage (RHSA-2017:2338)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-834.NASL
    description A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494) It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 100554
    published 2017-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100554
    title Amazon Linux AMI : samba (ALAS-2017-834) (SambaCry)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2789.NASL
    description An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163) Red Hat would like to thank the Samba project for reporting CVE-2017-2619 and CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 103406
    published 2017-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103406
    title RHEL 6 : samba (RHSA-2017:2789)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-2789.NASL
    description From Red Hat Security Advisory 2017:2789 : An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Samba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es) : * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163) Red Hat would like to thank the Samba project for reporting CVE-2017-2619 and CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 103489
    published 2017-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103489
    title Oracle Linux 6 : samba (ELSA-2017-2789)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180619_SAMBA_ON_SL6_X.NASL
    description Security Fix(es) : - samba: NULL pointer indirection in printer server process (CVE-2018-1050)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 110891
    published 2018-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110891
    title Scientific Linux Security Update : samba on SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-437.NASL
    description This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes : - Force usage of ncurses6-config thru NCURSES_CONFIG env var (bsc#1023847). - Add missing ldb module directory (bsc#1012092). - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416). - Document 'winbind: ignore domains' parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 99209
    published 2017-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99209
    title openSUSE Security Update : samba (openSUSE-2017-437)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2826317B10EC11E7944E000C292E4FD8.NASL
    description Samba team reports : A time-of-check, time-of-use race condition can allow clients to access non-exported parts of the file system via symlinks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 97972
    published 2017-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97972
    title FreeBSD : samba -- symlink race allows access outside share definition (2826317b-10ec-11e7-944e-000c292e4fd8)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10917_184R1.NASL
    description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID binary could use this flaw to escalate their privileges on the system. (CVE-2018-14634) Additionally, Junos Space is affected by several other vulnerabilities exist as noted in the vendor advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121068
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121068
    title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0841-1.NASL
    description This update for samba fixes the following issues: Security issue fixed : - CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 99084
    published 2017-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99084
    title SUSE SLES11 Security Update : samba (SUSE-SU-2017:0841-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3267-1.NASL
    description Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 99685
    published 2017-04-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99685
    title Ubuntu 17.04 : samba vulnerability (USN-3267-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170921_SAMBA_ON_SL6_X.NASL
    description Security Fix(es) : - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man- in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) - An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 103501
    published 2017-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103501
    title Scientific Linux Security Update : samba on SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-1216-1.NASL
    description This update for samba fixes the following issues: Security issue fixed : - CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147). For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression in the fix has been addressed (bsc#1036283, bso#12721). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 100050
    published 2017-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100050
    title SUSE SLES11 Security Update : samba (SUSE-SU-2017:1216-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-97FB93E1D1.NASL
    description Fix a nss_wins crash ---- Security fix for CVE-2017-2619 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 99414
    published 2017-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99414
    title Fedora 24 : 2:samba (2017-97fb93e1d1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0858-1.NASL
    description This update for samba fixes the following issues: Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes : - Force usage of ncurses6-config thru NCURSES_CONFIG env var (bsc#1023847). - Add missing ldb module directory (bsc#1012092). - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416). - Document 'winbind: ignore domains' parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 99086
    published 2017-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99086
    title SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:0858-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3242-1.NASL
    description Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 97937
    published 2017-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97937
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba vulnerability (USN-3242-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-439.NASL
    description This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes : - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416). - Document 'winbind: ignore domains' parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 99210
    published 2017-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99210
    title openSUSE Security Update : samba (openSUSE-2017-439)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3816.NASL
    description Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 97923
    published 2017-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97923
    title Debian DSA-3816-1 : samba - security update
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2017-082-02.NASL
    description New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen 2018-09-05
    modified 2018-09-04
    plugin id 97919
    published 2017-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97919
    title Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2017-082-02)
  • NASL family Misc.
    NASL id SAMBA_4_6_1.NASL
    description The version of Samba running on the remote host is 4.4.x prior to 4.4.12, 4.5.x prior to 4.5.7, or 4.6.x prior to 4.6.1. It is, therefore, affected by an information disclosure vulnerability due to a race condition between calls to lstat() for symlink checks and calls to open() to read a file. A local attacker can exploit this, by replacing a recently checked path with a symlink, to disclose arbitrary files on the system. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 99199
    published 2017-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99199
    title Samba 4.4.x < 4.4.12 / 4.5.x < 4.5.7 / 4.6.x < 4.6.1 Path Renaming Symlink Local File Disclosure
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-C22A1DBE8B.NASL
    description Security fix for CVE-2017-2619 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 99147
    published 2017-04-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99147
    title Fedora 25 : 2:samba (2017-c22a1dbe8b)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0859-1.NASL
    description This update for samba fixes the following issues: Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes : - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416). - Document 'winbind: ignore domains' parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 99087
    published 2017-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99087
    title SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:0859-1)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1104.NASL
    description According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) - A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126) - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619) - A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 100697
    published 2017-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100697
    title EulerOS 2.0 SP1 : samba (EulerOS-SA-2017-1104)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-FB9ED95CF3.NASL
    description Security fix for CVE-2017-2619 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 101752
    published 2017-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101752
    title Fedora 26 : 2:samba (2017-fb9ed95cf3)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-894.NASL
    description Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploting a symlink race to access areas of the server file system not exported under a share definition. For Debian 7 'Wheezy', these problems have been fixed in version 2:3.6.6-6+deb7u12. We recommend that you upgrade your samba packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-31
    plugin id 99291
    published 2017-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99291
    title Debian DLA-894-1 : samba security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0862-1.NASL
    description This update for samba fixes the following issues: Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes : - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416). - Document 'winbind: ignore domains' parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 99089
    published 2017-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99089
    title SUSE SLES12 Security Update : samba (SUSE-SU-2017:0862-1)
redhat via4
advisories
  • bugzilla
    id 1429472
    title CVE-2017-2619 samba: symlink race permits opening files outside share directory
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment ctdb is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265051
        • comment ctdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006014
      • AND
        • comment ctdb-tests is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265013
        • comment ctdb-tests is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006036
      • AND
        • comment libsmbclient is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265009
        • comment libsmbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860012
      • AND
        • comment libsmbclient-devel is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265021
        • comment libsmbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860022
      • AND
        • comment libwbclient is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265045
        • comment libwbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867026
      • AND
        • comment libwbclient-devel is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265019
        • comment libwbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867008
      • AND
        • comment samba is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265011
        • comment samba is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860006
      • AND
        • comment samba-client is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265007
        • comment samba-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860014
      • AND
        • comment samba-client-libs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265035
        • comment samba-client-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006044
      • AND
        • comment samba-common is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265053
        • comment samba-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860016
      • AND
        • comment samba-common-libs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265047
        • comment samba-common-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006012
      • AND
        • comment samba-common-tools is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265029
        • comment samba-common-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006016
      • AND
        • comment samba-dc is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265043
        • comment samba-dc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867028
      • AND
        • comment samba-dc-libs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265025
        • comment samba-dc-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867014
      • AND
        • comment samba-devel is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265041
        • comment samba-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867020
      • AND
        • comment samba-krb5-printing is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265005
        • comment samba-krb5-printing is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171265006
      • AND
        • comment samba-libs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265031
        • comment samba-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867024
      • AND
        • comment samba-pidl is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265055
        • comment samba-pidl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867022
      • AND
        • comment samba-python is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265027
        • comment samba-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867010
      • AND
        • comment samba-test is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265039
        • comment samba-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867040
      • AND
        • comment samba-test-libs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265033
        • comment samba-test-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20160006028
      • AND
        • comment samba-vfs-glusterfs is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265037
        • comment samba-vfs-glusterfs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867044
      • AND
        • comment samba-winbind is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265017
        • comment samba-winbind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860010
      • AND
        • comment samba-winbind-clients is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265023
        • comment samba-winbind-clients is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100860020
      • AND
        • comment samba-winbind-krb5-locator is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265049
        • comment samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111221018
      • AND
        • comment samba-winbind-modules is earlier than 0:4.4.4-13.el7_3
          oval oval:com.redhat.rhsa:tst:20171265015
        • comment samba-winbind-modules is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140867016
    rhsa
    id RHSA-2017:1265
    released 2017-05-22
    severity Moderate
    title RHSA-2017:1265: samba security and bug fix update (Moderate)
  • rhsa
    id RHSA-2017:2338
  • rhsa
    id RHSA-2017:2778
  • rhsa
    id RHSA-2017:2789
rpms
  • ctdb-0:4.4.4-13.el7_3
  • ctdb-tests-0:4.4.4-13.el7_3
  • libsmbclient-0:4.4.4-13.el7_3
  • libsmbclient-devel-0:4.4.4-13.el7_3
  • libwbclient-0:4.4.4-13.el7_3
  • libwbclient-devel-0:4.4.4-13.el7_3
  • samba-0:4.4.4-13.el7_3
  • samba-client-0:4.4.4-13.el7_3
  • samba-client-libs-0:4.4.4-13.el7_3
  • samba-common-0:4.4.4-13.el7_3
  • samba-common-libs-0:4.4.4-13.el7_3
  • samba-common-tools-0:4.4.4-13.el7_3
  • samba-dc-0:4.4.4-13.el7_3
  • samba-dc-libs-0:4.4.4-13.el7_3
  • samba-devel-0:4.4.4-13.el7_3
  • samba-krb5-printing-0:4.4.4-13.el7_3
  • samba-libs-0:4.4.4-13.el7_3
  • samba-pidl-0:4.4.4-13.el7_3
  • samba-python-0:4.4.4-13.el7_3
  • samba-test-0:4.4.4-13.el7_3
  • samba-test-libs-0:4.4.4-13.el7_3
  • samba-vfs-glusterfs-0:4.4.4-13.el7_3
  • samba-winbind-0:4.4.4-13.el7_3
  • samba-winbind-clients-0:4.4.4-13.el7_3
  • samba-winbind-krb5-locator-0:4.4.4-13.el7_3
  • samba-winbind-modules-0:4.4.4-13.el7_3
  • libsmbclient-0:3.6.23-45.el6_9
  • libsmbclient-devel-0:3.6.23-45.el6_9
  • samba-0:3.6.23-45.el6_9
  • samba-client-0:3.6.23-45.el6_9
  • samba-common-0:3.6.23-45.el6_9
  • samba-doc-0:3.6.23-45.el6_9
  • samba-domainjoin-gui-0:3.6.23-45.el6_9
  • samba-glusterfs-0:3.6.23-45.el6_9
  • samba-swat-0:3.6.23-45.el6_9
  • samba-winbind-0:3.6.23-45.el6_9
  • samba-winbind-clients-0:3.6.23-45.el6_9
  • samba-winbind-devel-0:3.6.23-45.el6_9
  • samba-winbind-krb5-locator-0:3.6.23-45.el6_9
refmap via4
bid 97033
confirm
debian DSA-3816
exploit-db 41740
sectrack 1038117
Last major update 12-03-2018 - 11:29
Published 12-03-2018 - 11:29
Last modified 22-04-2019 - 13:48
Back to Top