Executive Summary

This Alert is flagged as a CWE/SANS Top 25 Common Weakness Enumeration (see the CWE section below).
Summary

Title: Samba vulnerabilities

Information
Name: USN-2922-1
Vendor: Ubuntu
First vendor publication: 2016-03-08
Last vendor modification: 2016-03-08
Severity (vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact Sub Score: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score: 5.1
Cvss Impact Score: 6.4
Cvss Exploit Score: 4.9
Attack Range: Network
Attack Complexity: High
Authentication: None Required

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Samba.

Software Description:

- samba: SMB/CIFS file, print, and login server for Unix

Details:

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. (CVE-2015-7560)

Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly obtain uninitialized memory contents. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0771)

It was discovered that the Samba Web Administration Tool (SWAT) was vulnerable to clickjacking and cross-site request forgery attacks. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-0213, CVE-2013-0214)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.10:
samba 2:4.1.17+dfsg-4ubuntu3.3

Ubuntu 14.04 LTS:
samba 2:4.1.6+dfsg-1ubuntu2.14.04.13

Ubuntu 12.04 LTS:
samba 2:3.6.3-2ubuntu2.17
swat 2:3.6.3-2ubuntu2.17

In general, a standard system update will make all the necessary changes.
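As an added check, not part of the USN or of this record, the following Python script ports dpkg's version-comparison rules (epoch, then upstream version, then Debian revision, with digit runs compared numerically and `~` sorting lowest) so that a version string read from `dpkg-query -W -f='${Version}' samba` can be compared against the fixed versions above even where dpkg itself is not available, for example in a fleet inventory script. The FIXED_VERSIONS table copies the versions from the advisory; the function names are this example's own.

```python
# Added example (not from the advisory): dpkg-style version comparison against USN-2922-1.
import re
from itertools import zip_longest

FIXED_VERSIONS = {  # fixed versions exactly as listed in the advisory above
    "Ubuntu 15.10": {"samba": "2:4.1.17+dfsg-4ubuntu3.3"},
    "Ubuntu 14.04 LTS": {"samba": "2:4.1.6+dfsg-1ubuntu2.14.04.13"},
    "Ubuntu 12.04 LTS": {"samba": "2:3.6.3-2ubuntu2.17", "swat": "2:3.6.3-2ubuntu2.17"},
}

def _order(c: str) -> int:
    # dpkg character weight: '~' sorts before anything, even the end of the string
    # (so 4.1.17~rc1 < 4.1.17); letters sort before other symbols; end of string is 0.
    if not c:
        return 0
    return ord(c) if c.isalpha() else (-1 if c == "~" else ord(c) + 256)

def _runs(frag: str) -> list:
    # Split into alternating non-digit / digit runs, always starting with a non-digit run.
    runs = re.findall(r"\d+|\D+", frag)
    return [""] + runs if frag[:1].isdigit() else runs

def _verrevcmp(a: str, b: str) -> int:
    # Port of dpkg's verrevcmp(): digit runs compare numerically (so 9 < 17, unlike the
    # string compare "9" > "17"); non-digit runs compare char by char with dpkg's weights.
    for k, (x, y) in enumerate(zip_longest(_runs(a), _runs(b), fillvalue="")):
        if k % 2:
            d = int(x or 0) - int(y or 0)
        else:
            d = next((_order(p) - _order(q) for p, q in zip_longest(x, y, fillvalue="")
                      if _order(p) != _order(q)), 0)
        if d:
            return d
    return 0

def _split(version: str):
    # "epoch:upstream-revision": epoch before the first ':', revision after the last '-'.
    epoch, _, rest = version.partition(":") if ":" in version else ("0", "", version)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a: str, b: str) -> int:
    # Negative, zero or positive, like `dpkg --compare-versions a lt|eq|gt b`.
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)

def is_fixed(release: str, package: str, installed: str) -> bool:
    # True when the installed version is at or above the USN-2922-1 version for that release.
    return compare_versions(installed, FIXED_VERSIONS[release][package]) >= 0
```

A version string that omits the `2:` epoch is treated as epoch 0 and therefore reported as unpatched, which matches how dpkg itself ranks it.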

References:
http://www.ubuntu.com/usn/usn-2922-1
CVE-2013-0213, CVE-2013-0214, CVE-2015-7560, CVE-2016-0771

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.1.17+dfsg-4ubuntu3.3
https://launchpad.net/ubuntu/+source/samba/2:4.1.6+dfsg-1ubuntu2.14.04.13
https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.17

Original Source

Url : http://www.ubuntu.com/usn/USN-2922-1

CWE : Common Weakness Enumeration

%     Id       Name
25 %  CWE-352  Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25)
25 %  CWE-284  Access Control (Authorization) Issues
25 %  CWE-119  Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %  CWE-20   Improper Input Validation

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:18555
Title: DSA-2617-1 samba - several issues
Description: Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect SWAT, the Samba Web Administration Tool.
Family: unix
Class: patch
Reference(s): DSA-2617-1, CVE-2013-0213, CVE-2013-0214
Version: 5
Platform(s): Debian GNU/Linux 6.0, Debian GNU/kFreeBSD 6.0
Product(s): samba

Oval ID: oval:org.mitre.oval:def:25694
Title: SUSE-SU-2013:0326-1 -- Security update for Samba
Description: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 was affected by a cross-site request forgery (CVE-2013-0214) and a click-jacking attack (CVE-2013-0213). This has been fixed.
Family: unix
Class: patch
Reference(s): SUSE-SU-2013:0326-1, CVE-2013-0214, CVE-2013-0213
Version: 3
Platform(s): SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Desktop 11
Product(s): Samba

CPE : Common Platform Enumeration

Type         Count
Application  320
Os           3
Os           2

Nessus® Vulnerability Scanner

Date Description
2017-05-01 Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2016-1006.nasl - Type : ACT_GATHER_INFO
2016-04-21 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-490.nasl - Type : ACT_GATHER_INFO
2016-04-18 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-462.nasl - Type : ACT_GATHER_INFO
2016-04-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0905-1.nasl - Type : ACT_GATHER_INFO
2016-04-01 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-674.nasl - Type : ACT_GATHER_INFO
2016-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2016-4b55f00d00.nasl - Type : ACT_GATHER_INFO
2016-03-25 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-399.nasl - Type : ACT_GATHER_INFO
2016-03-23 Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_3_6.nasl - Type : ACT_GATHER_INFO
2016-03-22 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0837-1.nasl - Type : ACT_GATHER_INFO
2016-03-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0816-1.nasl - Type : ACT_GATHER_INFO
2016-03-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0814-1.nasl - Type : ACT_GATHER_INFO
2016-03-21 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-359.nasl - Type : ACT_GATHER_INFO
2016-03-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0447.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160315_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160315_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0449.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0448.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0449.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0448.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0449.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0448.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2016-ed1587f6ba.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2016-cad77a4576.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3514.nasl - Type : ACT_GATHER_INFO
2016-03-09 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-068-02.nasl - Type : ACT_GATHER_INFO
2016-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2922-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0723-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-0325-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_samba_20130521.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-107.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140317_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130930_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2013-02-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-130131.nasl - Type : ACT_GATHER_INFO
2013-02-23 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cifs-mount-8449.nasl - Type : ACT_GATHER_INFO
2013-02-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-011.nasl - Type : ACT_GATHER_INFO
2013-02-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1718.nasl - Type : ACT_GATHER_INFO
2013-02-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1716.nasl - Type : ACT_GATHER_INFO
2013-02-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1667.nasl - Type : ACT_GATHER_INFO
2013-02-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1654.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_0_2.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2617.nasl - Type : ACT_GATHER_INFO

Alert History

Date                 Information
2016-03-14 05:29:09  Multiple Updates
2016-03-10 13:25:20  Multiple Updates
2016-03-08 17:27:20  Multiple Updates
2016-03-08 17:22:54  First insertion