LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: samba and samba3x security update
Advisory ID:       SLSA-2013:1806-1
Issue Date:        2013-12-10
CVE Numbers:       CVE-2013-4408
                   CVE-2013-4475
--

A heap-based buffer overflow flaw was found in the DCE-RPC client code in
Samba. A specially crafted DCE-RPC packet could cause various Samba
programs to crash or, possibly, execute arbitrary code when parsed. A
malicious or compromised Active Directory Domain Controller could use this
flaw to compromise the winbindd daemon running with root privileges.
(CVE-2013-4408)

A flaw was found in the way Samba performed ACL checks on alternate file
and directory data streams. An attacker able to access a CIFS share with
alternate stream support enabled could access alternate data streams
regardless of the underlying file or directory ACL permissions.
(CVE-2013-4475)

After installing this update, the smb service will be restarted
automatically.
--

SL5
  x86_64
    samba3x-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-client-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-common-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm
    samba3x-debuginfo-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-doc-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-domainjoin-gui-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-swat-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm
    samba3x-winbind-3.6.6-0.138.el5_10.x86_64.rpm
    samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm
    samba3x-winbind-devel-3.6.6-0.138.el5_10.x86_64.rpm
  i386
    samba3x-3.6.6-0.138.el5_10.i386.rpm
    samba3x-client-3.6.6-0.138.el5_10.i386.rpm
    samba3x-common-3.6.6-0.138.el5_10.i386.rpm
    samba3x-debuginfo-3.6.6-0.138.el5_10.i386.rpm
    samba3x-doc-3.6.6-0.138.el5_10.i386.rpm
    samba3x-domainjoin-gui-3.6.6-0.138.el5_10.i386.rpm
    samba3x-swat-3.6.6-0.138.el5_10.i386.rpm
    samba3x-winbind-3.6.6-0.138.el5_10.i386.rpm
    samba3x-winbind-devel-3.6.6-0.138.el5_10.i386.rpm
SL6
  x86_64
    libsmbclient-3.6.9-167.el6_5.i686.rpm
    libsmbclient-3.6.9-167.el6_5.x86_64.rpm
    samba-client-3.6.9-167.el6_5.x86_64.rpm
    samba-common-3.6.9-167.el6_5.i686.rpm
    samba-common-3.6.9-167.el6_5.x86_64.rpm
    samba-debuginfo-3.6.9-167.el6_5.i686.rpm
    samba-debuginfo-3.6.9-167.el6_5.x86_64.rpm
    samba-winbind-3.6.9-167.el6_5.x86_64.rpm
    samba-winbind-clients-3.6.9-167.el6_5.i686.rpm
    samba-winbind-clients-3.6.9-167.el6_5.x86_64.rpm
    libsmbclient-devel-3.6.9-167.el6_5.i686.rpm
    libsmbclient-devel-3.6.9-167.el6_5.x86_64.rpm
    samba-3.6.9-167.el6_5.x86_64.rpm
    samba-doc-3.6.9-167.el6_5.x86_64.rpm
    samba-domainjoin-gui-3.6.9-167.el6_5.x86_64.rpm
    samba-swat-3.6.9-167.el6_5.x86_64.rpm
    samba-winbind-devel-3.6.9-167.el6_5.i686.rpm
    samba-winbind-devel-3.6.9-167.el6_5.x86_64.rpm
    samba-winbind-krb5-locator-3.6.9-167.el6_5.x86_64.rpm
  i386
    libsmbclient-3.6.9-167.el6_5.i686.rpm
    samba-client-3.6.9-167.el6_5.i686.rpm
    samba-common-3.6.9-167.el6_5.i686.rpm
    samba-debuginfo-3.6.9-167.el6_5.i686.rpm
    samba-winbind-3.6.9-167.el6_5.i686.rpm
    samba-winbind-clients-3.6.9-167.el6_5.i686.rpm
    libsmbclient-devel-3.6.9-167.el6_5.i686.rpm
    samba-3.6.9-167.el6_5.i686.rpm
    samba-doc-3.6.9-167.el6_5.i686.rpm
    samba-domainjoin-gui-3.6.9-167.el6_5.i686.rpm
    samba-swat-3.6.9-167.el6_5.i686.rpm
    samba-winbind-devel-3.6.9-167.el6_5.i686.rpm
    samba-winbind-krb5-locator-3.6.9-167.el6_5.i686.rpm

- Scientific Linux Development Team