Executive Summary

Summary
Title Samba vulnerability
Informations
Name USN-2305-1 First vendor Publication 2014-08-01
Vendor Ubuntu Last vendor Modification 2014-08-01
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.9 Attack Range Adjacent network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 5.5 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Samba could be made to run programs as an administrator if it received specially crafted network traffic.

Software Description: - samba: SMB/CIFS file, print, and login server for Unix

Details:

Volker Lendecke discovered that the Samba NetBIOS name service daemon incorrectly handled certain memory operations. A remote attacker could use this issue to execute arbitrary code as the root user.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
samba 2:4.1.6+dfsg-1ubuntu2.14.04.3

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2305-1
CVE-2014-3560

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.1.6+dfsg-1ubuntu2.14.04.3

Original Source

Url : http://www.ubuntu.com/usn/USN-2305-1

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26046
 
Oval ID: oval:org.mitre.oval:def:26046
Title: RHSA-2014:1008: samba security and bug fix update (Important)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) This update also fixes the following bug: * Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490) All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:1008-00
CESA-2014:1008
CVE-2014-3560
Version: 3
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26191
 
Oval ID: oval:org.mitre.oval:def:26191
Title: USN-2305-1 -- samba vulnerability
Description: Samba could be made to run programs as an administrator if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-2305-1
CVE-2014-3560
Version: 3
Platform(s): Ubuntu 14.04
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26357
 
Oval ID: oval:org.mitre.oval:def:26357
Title: RHSA-2014:1009: samba4 security update (Important)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:1009-01
CESA-2014:1009
CVE-2014-0178
CVE-2014-0244
CVE-2014-3493
CVE-2014-3560
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27074
 
Oval ID: oval:org.mitre.oval:def:27074
Title: ELSA-2014-1009 -- samba4 security update (important)
Description: [4.0.0-63.rc4] - resolves: #1126011 - CVE-2014-3560: remote code execution in nmbd. [4.0.0-62.rc4] - resolves: #1105501 - CVE-2014-0244: DoS in nmbd. - resolves: #1108842 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: #1105571 - CVE-2014-0178: Uninitialized memory exposure.
Family: unix Class: patch
Reference(s): ELSA-2014-1009
CVE-2014-3560
Version: 3
Platform(s): Oracle Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27260
 
Oval ID: oval:org.mitre.oval:def:27260
Title: ELSA-2014-1008 -- samba security and bug fix update (important)
Description: [4.1.1-37] - resolves: #1126013 - CVE-2014-3560: remote code execution in nmbd. [4.1.1-36] - resolves: #1115490 - Fix potential Samba file corruption.
Family: unix Class: patch
Reference(s): ELSA-2014-1008
CVE-2014-3560
Version: 3
Platform(s): Oracle Linux 7
Product(s): samba
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 32
Os 1
Os 2

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-08-07 IAVM : 2014-B-0105 - Samba Remote Code Execution
Severity : Category I - VMSKEY : V0053637

Nessus® Vulnerability Scanner

Date Description
2014-08-21 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-507.nasl - Type : ACT_GATHER_INFO
2014-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9132.nasl - Type : ACT_GATHER_INFO
2014-08-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1008.nasl - Type : ACT_GATHER_INFO
2014-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9141.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1008.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1008.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140805_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-213-01.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_89ff45e31a5711e4bebd000c2980a9f3.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2305-1.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote Samba server is affected by a remote code execution vulnerability.
File : samba_4_1_11.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-08-07 17:25:29
  • Multiple Updates
2014-08-07 00:25:19
  • Multiple Updates
2014-08-05 13:25:58
  • Multiple Updates
2014-08-02 05:24:45
  • First insertion