Synopsis: Moderate: samba and samba3x security update Advisory ID: SLSA-2014:0330-1 Issue Date: 2014-03-25 CVE Numbers: CVE-2012-6150 CVE-2013-4496 -- It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. (CVE-2013-4496) A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service. (CVE-2012-6150) After installing this update, the smb service will be restarted automatically. -- SL5 x86_64 samba3x-domainjoin-gui-3.6.6-0.139.el5_10.x86_64.rpm samba3x-3.6.6-0.139.el5_10.x86_64.rpm samba3x-client-3.6.6-0.139.el5_10.x86_64.rpm samba3x-common-3.6.6-0.139.el5_10.x86_64.rpm samba3x-winbind-devel-3.6.6-0.139.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.139.el5_10.x86_64.rpm samba3x-winbind-3.6.6-0.139.el5_10.x86_64.rpm samba3x-winbind-3.6.6-0.139.el5_10.i386.rpm samba3x-swat-3.6.6-0.139.el5_10.x86_64.rpm samba3x-doc-3.6.6-0.139.el5_10.x86_64.rpm samba3x-debuginfo-3.6.6-0.139.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.139.el5_10.x86_64.rpm i386 samba3x-winbind-3.6.6-0.139.el5_10.i386.rpm samba3x-client-3.6.6-0.139.el5_10.i386.rpm samba3x-common-3.6.6-0.139.el5_10.i386.rpm samba3x-doc-3.6.6-0.139.el5_10.i386.rpm samba3x-winbind-devel-3.6.6-0.139.el5_10.i386.rpm samba3x-3.6.6-0.139.el5_10.i386.rpm samba3x-swat-3.6.6-0.139.el5_10.i386.rpm samba3x-domainjoin-gui-3.6.6-0.139.el5_10.i386.rpm samba3x-debuginfo-3.6.6-0.139.el5_10.i386.rpm srpm samba3x-3.6.6-0.139.el5_10.src.rpm noarch samba3x-debuginfo-3.6.6-0.139.el5_10.x86_64.rpm samba3x-debuginfo-3.6.6-0.139.el5_10.i386.rpm SL6 x86_64 libsmbclient-3.6.9-168.el6_5.i686.rpm samba-common-3.6.9-168.el6_5.x86_64.rpm samba-3.6.9-168.el6_5.x86_64.rpm samba-winbind-clients-3.6.9-168.el6_5.x86_64.rpm samba-client-3.6.9-168.el6_5.x86_64.rpm libsmbclient-devel-3.6.9-168.el6_5.x86_64.rpm libsmbclient-3.6.9-168.el6_5.x86_64.rpm samba-common-3.6.9-168.el6_5.i686.rpm samba-swat-3.6.9-168.el6_5.x86_64.rpm libsmbclient-devel-3.6.9-168.el6_5.i686.rpm samba-doc-3.6.9-168.el6_5.x86_64.rpm samba-winbind-devel-3.6.9-168.el6_5.x86_64.rpm samba-winbind-3.6.9-168.el6_5.x86_64.rpm samba-winbind-devel-3.6.9-168.el6_5.i686.rpm samba-winbind-krb5-locator-3.6.9-168.el6_5.x86_64.rpm samba-domainjoin-gui-3.6.9-168.el6_5.x86_64.rpm samba-winbind-clients-3.6.9-168.el6_5.i686.rpm samba-debuginfo-3.6.9-168.el6_5.i686.rpm samba-debuginfo-3.6.9-168.el6_5.x86_64.rpm srpm samba-3.6.9-168.el6_5.src.rpm i386 samba-domainjoin-gui-3.6.9-168.el6_5.i686.rpm samba-winbind-3.6.9-168.el6_5.i686.rpm samba-client-3.6.9-168.el6_5.i686.rpm samba-common-3.6.9-168.el6_5.i686.rpm libsmbclient-3.6.9-168.el6_5.i686.rpm samba-3.6.9-168.el6_5.i686.rpm samba-winbind-krb5-locator-3.6.9-168.el6_5.i686.rpm libsmbclient-devel-3.6.9-168.el6_5.i686.rpm samba-doc-3.6.9-168.el6_5.i686.rpm samba-winbind-devel-3.6.9-168.el6_5.i686.rpm samba-swat-3.6.9-168.el6_5.i686.rpm samba-winbind-clients-3.6.9-168.el6_5.i686.rpm samba-debuginfo-3.6.9-168.el6_5.i686.rpm noarch samba-debuginfo-3.6.9-168.el6_5.i686.rpm samba-debuginfo-3.6.9-168.el6_5.x86_64.rpm - Scientific Linux Development Team