Executive Summary

Informations
Name MDVSA-2014:136 First vendor Publication 2014-07-11
Vendor Mandriva Last vendor Modification 2014-07-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:N/A:N)
Cvss Base Score 3.5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Updated samba packages fix security vulnerabilities:

Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178).

Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service (CVE-2014-0244).

Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server (CVE-2014-3493).

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:136

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24948
 
Oval ID: oval:org.mitre.oval:def:24948
Title: DEPRECATED: RHSA-2014:0867: samba security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) A flaw was found in the way Samba created responses for certain authenticated client requests when a shadow-copy VFS module was enabled. An attacker able to send an authenticated request could use this flaw to disclose limited portions of memory per each request. (CVE-2014-0178) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the original reporter of CVE-2014-0178, and Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:0867-00
CESA-2014:0867
CVE-2014-0178
CVE-2014-0244
CVE-2014-3493
Version: 4
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24958
 
Oval ID: oval:org.mitre.oval:def:24958
Title: USN-2257-1 -- samba vulnerabilities
Description: Several security issues were fixed in Samba.
Family: unix Class: patch
Reference(s): USN-2257-1
CVE-2014-0178
CVE-2014-0239
CVE-2014-0244
CVE-2014-3493
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24997
 
Oval ID: oval:org.mitre.oval:def:24997
Title: DSA-2966-1 samba - security update
Description: Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS file, print, and login server.
Family: unix Class: patch
Reference(s): DSA-2966-1
CVE-2014-0178
CVE-2014-0244
CVE-2014-3493
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25062
 
Oval ID: oval:org.mitre.oval:def:25062
Title: DEPRECATED: RHSA-2014:0866: samba and samba3x security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:0866-00
CESA-2014:0866
CVE-2014-0244
CVE-2014-3493
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): samba3x
samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25141
 
Oval ID: oval:org.mitre.oval:def:25141
Title: RHSA-2014:0867: samba security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) A flaw was found in the way Samba created responses for certain authenticated client requests when a shadow-copy VFS module was enabled. An attacker able to send an authenticated request could use this flaw to disclose limited portions of memory per each request. (CVE-2014-0178) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the original reporter of CVE-2014-0178, and Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:0867-00
CESA-2014:0867
CVE-2014-0178
CVE-2014-0244
CVE-2014-3493
Version: 3
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25271
 
Oval ID: oval:org.mitre.oval:def:25271
Title: RHSA-2014:0866: samba and samba3x security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493. The Samba project acknowledges Simon Arlott as the original reporter of CVE-2014-3493. All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:0866-00
CESA-2014:0866
CVE-2014-0244
CVE-2014-3493
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): samba3x
samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26095
 
Oval ID: oval:org.mitre.oval:def:26095
Title: SUSE-SU-2014:0899-1 -- Security update for Samba
Description: Samba has been updated to fix two security issues and one non-security issue.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0899-1
CVE-2014-3493
CVE-2014-0244
CVE-2014-0178
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27045
 
Oval ID: oval:org.mitre.oval:def:27045
Title: ELSA-2014-0866 -- samba and samba3x security update (moderate)
Description: [3.6.9-169] - resolves: #1105499 - CVE-2014-0244: DoS in nmbd. - resolves: #1108840 - CVE-2014-3493: DoS in smbd with unicode path names.
Family: unix Class: patch
Reference(s): ELSA-2014-0866
CVE-2014-0244
CVE-2014-3493
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): samba3x
samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27238
 
Oval ID: oval:org.mitre.oval:def:27238
Title: ELSA-2014-0867 -- samba security update (moderate)
Description: [4.1.1-35] - resolves: #1105504 - CVE-2014-0244: DoS in nmbd. - resolves: #1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: #1105573 - CVE-2014-0178: Uninitialized memory exposure. [4.1.1-33] - related: #717484 - Add missing configure line to enable profiling data support. [4.1.1-32] - related: #1082653 - Reuse IPv6 address during the AD domain join.
Family: unix Class: patch
Reference(s): ELSA-2014-0867
CVE-2014-0244
CVE-2014-3493
CVE-2014-0178
Version: 3
Platform(s): Oracle Linux 7
Product(s): samba
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 52

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-06-25 IAVM : 2015-B-0083 - Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2014-06-05 IAVM : 2014-B-0067 - Multiple Vulnerabilities in Samba
Severity : Category I - VMSKEY : V0051853

Nessus® Vulnerability Scanner

Date Description
2015-06-26 Name : The remote IBM Storwize device is affected by multiple vulnerabilities.
File : ibm_storwize_1_5_0_2.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-082.nasl - Type : ACT_GATHER_INFO
2015-02-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201502-15.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_samba_20140915_2.nasl - Type : ACT_GATHER_INFO
2014-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9132.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1009.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0867.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0867.nasl - Type : ACT_GATHER_INFO
2014-07-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-140627.nasl - Type : ACT_GATHER_INFO
2014-07-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-136.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0866.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140709_samba_and_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0866.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0867.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0866.nasl - Type : ACT_GATHER_INFO
2014-07-02 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-450.nasl - Type : ACT_GATHER_INFO
2014-07-02 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-449.nasl - Type : ACT_GATHER_INFO
2014-06-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2257-1.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7672.nasl - Type : ACT_GATHER_INFO
2014-06-25 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-175-04.nasl - Type : ACT_GATHER_INFO
2014-06-24 Name : The remote Samba server is affected by multiple denial of service vulnerabili...
File : samba_4_1_9.nasl - Type : ACT_GATHER_INFO
2014-06-24 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6ad309d9fb0311e3bebd000c2980a9f3.nasl - Type : ACT_GATHER_INFO
2014-06-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2966.nasl - Type : ACT_GATHER_INFO
2014-06-03 Name : The remote Samba server is potentially affected by multiple vulnerabilities.
File : samba_4_1_8.nasl - Type : ACT_GATHER_INFO
2014-05-30 Name : The remote Samba server is potentially affected by multiple vulnerabilities.
File : samba_4_0_18.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-07-14 13:25:59
  • Multiple Updates
2014-07-11 13:22:43
  • First insertion