Executive Summary
Summary | |
---|---|
Title | samba4 security update |
Informations | |||
---|---|---|---|
Name | RHSA-2014:1009 | First vendor Publication | 2014-08-05 |
Vendor | RedHat | Last vendor Modification | 2014-08-05 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.9 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 5.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1126010 - CVE-2014-3560 samba: remote code execution in nmbd |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2014-1009.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:26046 | |||
Oval ID: | oval:org.mitre.oval:def:26046 | ||
Title: | RHSA-2014:1008: samba security and bug fix update (Important) | ||
Description: | Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) This update also fixes the following bug: * Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490) All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1008-00 CESA-2014:1008 CVE-2014-3560 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | samba |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26191 | |||
Oval ID: | oval:org.mitre.oval:def:26191 | ||
Title: | USN-2305-1 -- samba vulnerability | ||
Description: | Samba could be made to run programs as an administrator if it received specially crafted network traffic. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2305-1 CVE-2014-3560 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | samba |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26357 | |||
Oval ID: | oval:org.mitre.oval:def:26357 | ||
Title: | RHSA-2014:1009: samba4 security update (Important) | ||
Description: | Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1009-01 CESA-2014:1009 CVE-2014-0178 CVE-2014-0244 CVE-2014-3493 CVE-2014-3560 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | samba4 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-08-07 | IAVM : 2014-B-0105 - Samba Remote Code Execution Severity : Category I - VMSKEY : V0053637 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-08-21 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-507.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9132.nasl - Type : ACT_GATHER_INFO |
2014-08-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1008.nasl - Type : ACT_GATHER_INFO |
2014-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9141.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1008.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1009.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1008.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140805_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-08-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-213-01.nasl - Type : ACT_GATHER_INFO |
2014-08-04 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_89ff45e31a5711e4bebd000c2980a9f3.nasl - Type : ACT_GATHER_INFO |
2014-08-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2305-1.nasl - Type : ACT_GATHER_INFO |
2014-08-01 | Name : The remote Samba server is affected by a remote code execution vulnerability. File : samba_4_1_11.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-08-07 17:25:28 |
|
2014-08-07 13:25:17 |
|
2014-08-07 00:25:19 |
|
2014-08-06 00:21:32 |
|