-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0672
                            samba security update
                               14 March 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           samba
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Debian GNU/Linux 8
Impact/Access:     Overwrite Arbitrary Files -- Existing Account
                   Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-0771 CVE-2015-7560 CVE-2015-5252

Reference:         ASB-2016.0028
                   ESB-2016.0054
                   ESB-2016.0045
                   ESB-2016.0002

Original Bulletin:
   http://www.debian.org/security/2016/dsa-3514

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3514-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
March 12, 2016                        https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : samba
CVE ID         : CVE-2015-7560 CVE-2016-0771
Debian Bug     : 812429

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
print, and login server for Unix. The Common Vulnerabilities and
Exposures project identifies the following issues:

CVE-2015-7560

    Jeremy Allison of Google, Inc. and the Samba Team discovered that
    Samba incorrectly handles getting and setting ACLs on a symlink
    path. An authenticated malicious client can use SMB1 UNIX
    extensions to create a symlink to a file or directory, and then
    use non-UNIX SMB1 calls to overwrite the contents of the ACL on
    the file or directory linked to.

CVE-2016-0771

    Garming Sam and Douglas Bagnall of Catalyst IT discovered that
    Samba is vulnerable to an out-of-bounds read issue during DNS TXT
    record handling, if Samba is deployed as an AD DC and chosen to
    run the internal DNS server. A remote attacker can exploit this
    flaw to cause a denial of service (Samba crash), or potentially,
    to allow leakage of memory from the server in the form of a DNS
    TXT reply.

Additionally this update includes a fix for a regression introduced due
to the upstream fix for CVE-2015-5252 in DSA-3433-1 in setups where the
share path is '/'.

For the oldstable distribution (wheezy), these problems have been fixed
in version 2:3.6.6-6+deb7u7. The oldstable distribution (wheezy) is not
affected by CVE-2016-0771.

For the stable distribution (jessie), these problems have been fixed in
version 2:4.1.17+dfsg-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in
version 2:4.3.6+dfsg-1.

We recommend that you upgrade your samba packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW48PXAAoJEAVMuPMTQ89EvU8P/37E3b5xZG1Gz02LYgppRPHA
ZDxFMnVN/jyEqMXBxfY625C3enoz9w3LXa7lsIhgFxbbP76iGRbWKOS8z9hFd60A
xDp0v8ysEaBlgjEyvviwrP/IoCNFp7yAVChk5GCR+F27Uf/h5MZv4tAIkeIyGmgc
34XNs0p9WqS4KK0qVYSM8uTXk3nMv0IVWqZGUYMFjr3/yaY3BJ8kld2p1jugOXBI
7avURCGBSzg53LtVGfDgtHIsHbACrmFgKBeuke6iSRCVzk9mpDDjrmkPGNpo8Czs
0i0IhLMR8QCgpRMeo6oPg430uGUcFQD70GVWa1FeodYoo+4g7zS3YfrT7JV47vGh
WQKMtdib6/MfzcnZDXeCvaSGPUxjpR15oYbkHcHHh+/urlmA14RbeDUPSiUf24KD
bWRUgs4dsoiQtmBao/P1iE461ZMK2jikI0IaLP6yBKSy8Xqahk5BeyVpRnAVcD/t
F3rSjEWgukygmgZ5O0zUwLW7StkGCJIZkbfqAni2r1Zd0eZcwD9cnBiE1FP3Jniz
5z+FDNBBpcErKWjVEAHt7rKK+1s+I+RvxDPbzeQHRfZQ4SLKyEegj+w317L8OvRq
7/kJpDBwg45Pk6yaRpVIkieCeqH+IgzT4QuxJhCS9S6xVNHTBZd3iwOnJjBSN8kJ
co5XGqr61KEP8R7ECNh5
=BTxT
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVuXyyH6ZAP0PgtI9AQJ7Pw//QjEPRIgDvRdnMpbQlCGd28ULrTX8bVNX
Kd+PnpKhseJLYlFkAwcYeIPsIruXLW730zSDp6jk2yMePEoBN8THV8dZqFv5w08u
Xrtgu1u+b2tDV4bQptxw0+pIFAmDXuv/OJMpdfYiv6O18MAZjCzs56dd2P9xdz/N
IPMXqdwu+P4mmgfxxHnj3Ngy/9iydsU1evej9TfrE8b91TNwwiXi8h9Dq0ggA+cZ
JKzUfiFhJsziO8kxUbmN4jx4cNQF8caU0LjZYhmfzZIBPDuHyNd+CwNrjzeNXius
WymqrsWKtG3T/g4GVEH+v8TF+jzpEPhzxs0/UGXnb5Yl9CKKt5mStnN8TLwmT1dp
+Q0oTYEE+FB6FhCsDQuo1HIg6DcSlhvs33cGZzwJc/zmTPObWvwNNC5Kxwhl+3Wv
f6Hj7LiZNc8QjQ4ObHjJNAXOF9A6VoxkxNeBFwujy4Ol9kOkuEMYBAHWtBsJfNqi
HJoYgRCIoLDH7S72Y173xvIqrmW0KezquYcxE/HQ9stQ7HrN1W/nIzteDb5H5k/h
fdpaf2fEUuN5CC/I+5sq5vYrc48oBObbtwQNeLCAln1GtBEaiCxM8ZEZNtGdZiNo
ajdfOvMMWG48yTnabEk1Lt8/wfYKeHuqDdCoAGVhFMfjuKFvSJmr6WhimsHEVovh
GBQ9SKXG4Fc=
=xUTG
-----END PGP SIGNATURE-----
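The CVE-2016-0771 entry in the advisory above describes an out-of-bounds read while Samba's internal DNS server handles TXT records, with the over-read bytes potentially coming back to the client inside a TXT reply. The following is an added illustration of that bug class; it is not Samba's code and makes no claim about where in Samba the read occurred. TXT RDATA (RFC 1035 section 3.3.14) is a run of character-strings, each a length octet followed by that many bytes. The unchecked parser trusts every length octet, which is the pattern that in C reads past the end of the record buffer; the checked parser validates each length against the bytes that actually remain. The sample records are constructed for the example.

```python
"""TXT RDATA parsing with and without bounds checks.

Added example, not Samba code. RFC 1035 s3.3.14: TXT RDATA is one or more
<character-string>s, each a length octet followed by that many bytes.
"""

MAX_CHARACTER_STRING = 255  # a single length octet cannot describe more


def build_txt_rdata(strings):
    """Encode a list of byte strings as TXT RDATA, enforcing the 255-byte cap."""
    out = bytearray()
    for s in strings:
        if len(s) > MAX_CHARACTER_STRING:
            raise ValueError(f"character-string of {len(s)} bytes exceeds "
                             f"{MAX_CHARACTER_STRING}")
        out.append(len(s))
        out += s
    return bytes(out)


def parse_txt_unchecked(rdata: bytes):
    """Trusts every length octet.

    Python slicing silently truncates, so here the result is merely short.
    In C the same loop would copy `length` bytes from offset i + 1 regardless
    of how large the buffer is: an out-of-bounds read whose bytes would then
    be serialised into the reply, which is the failure mode the advisory
    describes for CVE-2016-0771.
    """
    strings = []
    i = 0
    while i < len(rdata):
        length = rdata[i]
        strings.append(rdata[i + 1:i + 1 + length])  # no check against len(rdata)
        i += 1 + length
    return strings


def parse_txt_checked(rdata: bytes):
    """Same walk, but each length octet is validated against what remains,
    and an empty RDATA is rejected (a TXT record needs at least one string)."""
    if not rdata:
        raise ValueError("TXT RDATA must contain at least one character-string")
    strings = []
    i = 0
    while i < len(rdata):
        length = rdata[i]
        i += 1
        remaining = len(rdata) - i
        if length > remaining:
            raise ValueError(f"character-string claims {length} bytes at offset "
                             f"{i - 1} but only {remaining} remain")
        strings.append(rdata[i:i + length])
        i += length
    return strings


def parse_safely(rdata: bytes):
    """Return (strings, None) on success or (None, reason) for a rejected record,
    so a server can drop the record rather than answer with garbage."""
    try:
        return parse_txt_checked(rdata), None
    except ValueError as exc:
        return None, str(exc)


# Constructed samples: a well-formed record, and a truncated one whose second
# length octet (0x20 = 32) promises far more bytes than are present.
GOOD_RDATA = build_txt_rdata([b"v=spf1 -all", b"site=example"])
TRUNCATED_RDATA = b"\x05hello\x20wor"

if __name__ == "__main__":
    print("unchecked:", parse_txt_unchecked(TRUNCATED_RDATA))
    print("checked:  ", parse_safely(TRUNCATED_RDATA))
    print("good:     ", parse_safely(GOOD_RDATA))
```

Run stand-alone, the unchecked parser returns `[b'hello', b'wor']` for the truncated record without complaint, while the checked parser reports that the second string claims 32 bytes with only 3 left. The point for review is that every length field read from the wire must be compared with the remaining buffer before it is used as a copy length, whatever language the server is written in.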