SCIENTIFIC-LINUX-ERRATA Archives

April 2014

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: samba4 on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 9 Apr 2014 20:42:23 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (66 lines) 
Synopsis:          Moderate: samba4 security update
Advisory ID:       SLSA-2014:0383-1
Issue Date:        2014-04-09
CVE Numbers:       CVE-2012-6150
                   CVE-2013-4496
                   CVE-2013-6442
--

It was found that certain Samba configurations did not enforce the
password lockout mechanism. A remote attacker could use this flaw to
perform password guessing attacks on Samba user accounts. Note: this flaw
only affected Samba when deployed as a Primary Domain Controller.
(CVE-2013-4496)

A flaw was found in Samba's "smbcacls" command, which is used to set or
get ACLs on SMB file shares. Certain command line options of this command
would incorrectly remove an ACL previously applied on a file or a
directory, leaving the file or directory without the intended ACL.
(CVE-2013-6442)

A flaw was found in the way the pam_winbind module handled configurations
that specified a non-existent group as required. An authenticated user
could possibly use this flaw to gain access to a service using pam_winbind
in its PAM configuration when group restriction was intended for access to
the service. (CVE-2012-6150)

After installing this update, the smb service will be restarted
automatically.
--

SL6
  x86_64
    samba4-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-client-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-common-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-dc-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-dc-libs-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-debuginfo-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-devel-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-libs-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-pidl-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-python-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-swat-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-test-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-winbind-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-winbind-clients-4.0.0-61.el6_5.rc4.x86_64.rpm
    samba4-winbind-krb5-locator-4.0.0-61.el6_5.rc4.x86_64.rpm
  i386
    samba4-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-client-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-common-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-dc-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-dc-libs-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-debuginfo-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-devel-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-libs-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-pidl-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-python-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-swat-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-test-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-winbind-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-winbind-clients-4.0.0-61.el6_5.rc4.i686.rpm
    samba4-winbind-krb5-locator-4.0.0-61.el6_5.rc4.i686.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2