Oval Definition:oval:com.redhat.rhsa:def:20170744
Revision Date:2017-03-21Version:642
Title:RHSA-2017:0744: samba4 security and bug fix update (Moderate)
Description:Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

Security Fix(es):

  • It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125)

  • A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126)

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-2125
    CVE-2016-2126
    RHSA-2017:0744
    RHSA-2017:0744-00
    RHSA-2017:0744-01
    RHSA-2017:0744-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • samba4 is earlier than 0:4.2.10-9.el6
  • AND samba4 is signed with Red Hat redhatrelease2 key
  • samba4-client is earlier than 0:4.2.10-9.el6
  • AND samba4-client is signed with Red Hat redhatrelease2 key
  • samba4-common is earlier than 0:4.2.10-9.el6
  • AND samba4-common is signed with Red Hat redhatrelease2 key
  • samba4-dc is earlier than 0:4.2.10-9.el6
  • AND samba4-dc is signed with Red Hat redhatrelease2 key
  • samba4-dc-libs is earlier than 0:4.2.10-9.el6
  • AND samba4-dc-libs is signed with Red Hat redhatrelease2 key
  • samba4-devel is earlier than 0:4.2.10-9.el6
  • AND samba4-devel is signed with Red Hat redhatrelease2 key
  • samba4-libs is earlier than 0:4.2.10-9.el6
  • AND samba4-libs is signed with Red Hat redhatrelease2 key
  • samba4-pidl is earlier than 0:4.2.10-9.el6
  • AND samba4-pidl is signed with Red Hat redhatrelease2 key
  • samba4-python is earlier than 0:4.2.10-9.el6
  • AND samba4-python is signed with Red Hat redhatrelease2 key
  • samba4-test is earlier than 0:4.2.10-9.el6
  • AND samba4-test is signed with Red Hat redhatrelease2 key
  • samba4-winbind is earlier than 0:4.2.10-9.el6
  • AND samba4-winbind is signed with Red Hat redhatrelease2 key
  • samba4-winbind-clients is earlier than 0:4.2.10-9.el6
  • AND samba4-winbind-clients is signed with Red Hat redhatrelease2 key
  • samba4-winbind-krb5-locator is earlier than 0:4.2.10-9.el6
  • AND samba4-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
    • BACK