Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title samba security update
Informations
Name DSA-3433 First vendor Publication 2016-01-02
Vendor Debian Last vendor Modification 2016-01-02
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Cvss Base Score 6 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2015-3223

Thilo Uttendorfer of Linux Information Systems AG discovered that a malicious request can cause the Samba LDAP server to hang, spinning using CPU. A remote attacker can take advantage of this flaw to mount a denial of service.

CVE-2015-5252

Jan "Yenya" Kasprzak and the Computer Systems Unit team at Faculty of Informatics, Masaryk University discovered that insufficient symlink verification could allow data access outside an exported share path.

CVE-2015-5296

Stefan Metzmacher of SerNet discovered that Samba does not ensure that signing is negotiated when creating an encrypted client connection to a server. This allows a man-in-the-middle attacker to downgrade the connection and connect using the supplied credentials as an unsigned, unencrypted connection.

CVE-2015-5299

It was discovered that a missing access control check in the VFS shadow_copy2 module could allow unauthorized users to access snapshots.

CVE-2015-5330

Douglas Bagnall of Catalyst discovered that the Samba LDAP server is vulnerable to a remote memory read attack. A remote attacker can obtain sensitive information from daemon heap memory by sending crafted packets and then either read an error message, or a database value.

CVE-2015-7540

It was discovered that a malicious client can send packets that cause the LDAP server provided by the AD DC in the samba daemon process to consume unlimited memory and be terminated.

CVE-2015-8467

Andrew Bartlett of the Samba Team and Catalyst discovered that a Samba server deployed as an AD DC can expose Windows DCs in the same domain to a denial of service via the creation of multiple machine accounts. This issue is related to the MS15-096 / CVE-2015-2535 security issue in Windows.

For the oldstable distribution (wheezy), these problems have been fixed in version 2:3.6.6-6+deb7u6. The oldstable distribution (wheezy) is only affected by CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299.

For the stable distribution (jessie), these problems have been fixed in version 2:4.1.17+dfsg-2+deb8u1. The fixes for CVE-2015-3223 and CVE-2015-5330 required an update to ldb 2:1.1.17-2+deb8u1 to correct the defects.

For the unstable distribution (sid), these problems have been fixed in version 2:4.1.22+dfsg-1. The fixes for CVE-2015-3223 and CVE-2015-5330 required an update to ldb 2:1.1.24-1 to correct the defects.

We recommend that you upgrade your samba packages.

Original Source

Url : http://www.debian.org/security/2016/dsa-3433

CWE : Common Weakness Enumeration

% Id Name
22 % CWE-399 Resource Management Errors
22 % CWE-200 Information Exposure
11 % CWE-269 Improper Privilege Management
11 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-189 Numeric Errors (CWE/SANS Top 25)
11 % CWE-20 Improper Input Validation
11 % CWE-17 Code

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 314
Os 4
Os 2
Os 2
Os 4

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-09-10 IAVM : 2015-B-0110 - Microsoft Active Directory Service Denial of Service Vulnerability (MS15-096)
Severity : Category II - VMSKEY : V0061369

Snort® IPS/IDS

Date Description
2018-03-01 Samba LDAP Server libldb denial of service attempt
RuleID : 45568 - Revision : 3 - Type : SERVER-SAMBA

Nessus® Vulnerability Scanner

Date Description
2016-12-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201612-47.nasl - Type : ACT_GATHER_INFO
2016-04-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1105-1.nasl - Type : ACT_GATHER_INFO
2016-04-21 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-490.nasl - Type : ACT_GATHER_INFO
2016-04-18 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-462.nasl - Type : ACT_GATHER_INFO
2016-03-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0015.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3514.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-b960ca78bf.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote Fedora host is missing a security update.
File : fedora_2015-b36076d32e.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-af140eefbc.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote Fedora host is missing a security update.
File : fedora_2015-0e0879cc8a.nasl - Type : ACT_GATHER_INFO
2016-02-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2855-2.nasl - Type : ACT_GATHER_INFO
2016-01-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0164-1.nasl - Type : ACT_GATHER_INFO
2016-01-19 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-634.nasl - Type : ACT_GATHER_INFO
2016-01-19 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-633.nasl - Type : ACT_GATHER_INFO
2016-01-12 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0032-1.nasl - Type : ACT_GATHER_INFO
2016-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0016.nasl - Type : ACT_GATHER_INFO
2016-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0014.nasl - Type : ACT_GATHER_INFO
2016-01-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160107_samba_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2016-01-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160107_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-01-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160107_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-01-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160107_libldb_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0010.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0011.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0009.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0006.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0011.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0010.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0009.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0006.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0011.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0010.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0009.nasl - Type : ACT_GATHER_INFO
2016-01-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0006.nasl - Type : ACT_GATHER_INFO
2016-01-07 Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_3_3.nasl - Type : ACT_GATHER_INFO
2016-01-07 Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_1_22.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2856-1.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2855-1.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3433.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote Debian host is missing a security update.
File : debian_DLA-379.nasl - Type : ACT_GATHER_INFO
2015-12-29 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-945.nasl - Type : ACT_GATHER_INFO
2015-12-29 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-943.nasl - Type : ACT_GATHER_INFO
2015-12-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2305-1.nasl - Type : ACT_GATHER_INFO
2015-12-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2304-1.nasl - Type : ACT_GATHER_INFO
2015-12-21 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_ef434839a6a411e58275000c292e4fd8.nasl - Type : ACT_GATHER_INFO
2015-09-08 Name : The remote Windows host is affected by a denial of service vulnerability.
File : smb_nt_ms15-096.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
Date Informations
2016-03-30 05:27:31
  • Multiple Updates
2016-03-15 13:25:11
  • Multiple Updates
2016-02-11 08:49:08
  • Multiple Updates
2016-02-11 05:29:02
  • Multiple Updates
2016-02-11 00:29:21
  • Multiple Updates
2016-02-10 21:29:27
  • Multiple Updates
2016-02-10 17:29:06
  • Multiple Updates
2016-02-10 13:28:00
  • Multiple Updates
2016-02-10 09:29:03
  • Multiple Updates
2016-02-10 05:29:17
  • Multiple Updates
2016-02-06 05:29:13
  • Multiple Updates
2016-02-03 09:29:30
  • Multiple Updates
2016-01-05 13:26:39
  • Multiple Updates
2016-01-02 13:23:23
  • First insertion