Synopsis: Important: samba and samba3x security update Advisory ID: SLSA-2013:1806-1 Issue Date: 2013-12-10 CVE Numbers: CVE-2013-4408 CVE-2013-4475 -- A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges. (CVE-2013-4408) A flaw was found in the way Samba performed ACL checks on alternate file and directory data streams. An attacker able to access a CIFS share with alternate stream support enabled could access alternate data streams regardless of the underlying file or directory ACL permissions. (CVE-2013-4475) After installing this update, the smb service will be restarted automatically. -- SL5 x86_64 samba3x-3.6.6-0.138.el5_10.x86_64.rpm samba3x-client-3.6.6-0.138.el5_10.x86_64.rpm samba3x-common-3.6.6-0.138.el5_10.x86_64.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.x86_64.rpm samba3x-doc-3.6.6-0.138.el5_10.x86_64.rpm samba3x-domainjoin-gui-3.6.6-0.138.el5_10.x86_64.rpm samba3x-swat-3.6.6-0.138.el5_10.x86_64.rpm samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-3.6.6-0.138.el5_10.x86_64.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.x86_64.rpm i386 samba3x-3.6.6-0.138.el5_10.i386.rpm samba3x-client-3.6.6-0.138.el5_10.i386.rpm samba3x-common-3.6.6-0.138.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm samba3x-doc-3.6.6-0.138.el5_10.i386.rpm samba3x-domainjoin-gui-3.6.6-0.138.el5_10.i386.rpm samba3x-swat-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm SL6 x86_64 libsmbclient-3.6.9-167.el6_5.i686.rpm libsmbclient-3.6.9-167.el6_5.x86_64.rpm samba-client-3.6.9-167.el6_5.x86_64.rpm samba-common-3.6.9-167.el6_5.i686.rpm samba-common-3.6.9-167.el6_5.x86_64.rpm samba-debuginfo-3.6.9-167.el6_5.i686.rpm samba-debuginfo-3.6.9-167.el6_5.x86_64.rpm samba-winbind-3.6.9-167.el6_5.x86_64.rpm samba-winbind-clients-3.6.9-167.el6_5.i686.rpm samba-winbind-clients-3.6.9-167.el6_5.x86_64.rpm libsmbclient-devel-3.6.9-167.el6_5.i686.rpm libsmbclient-devel-3.6.9-167.el6_5.x86_64.rpm samba-3.6.9-167.el6_5.x86_64.rpm samba-doc-3.6.9-167.el6_5.x86_64.rpm samba-domainjoin-gui-3.6.9-167.el6_5.x86_64.rpm samba-swat-3.6.9-167.el6_5.x86_64.rpm samba-winbind-devel-3.6.9-167.el6_5.i686.rpm samba-winbind-devel-3.6.9-167.el6_5.x86_64.rpm samba-winbind-krb5-locator-3.6.9-167.el6_5.x86_64.rpm i386 libsmbclient-3.6.9-167.el6_5.i686.rpm samba-client-3.6.9-167.el6_5.i686.rpm samba-common-3.6.9-167.el6_5.i686.rpm samba-debuginfo-3.6.9-167.el6_5.i686.rpm samba-winbind-3.6.9-167.el6_5.i686.rpm samba-winbind-clients-3.6.9-167.el6_5.i686.rpm libsmbclient-devel-3.6.9-167.el6_5.i686.rpm samba-3.6.9-167.el6_5.i686.rpm samba-doc-3.6.9-167.el6_5.i686.rpm samba-domainjoin-gui-3.6.9-167.el6_5.i686.rpm samba-swat-3.6.9-167.el6_5.i686.rpm samba-winbind-devel-3.6.9-167.el6_5.i686.rpm samba-winbind-krb5-locator-3.6.9-167.el6_5.i686.rpm - Scientific Linux Development Team