Oval Definition:oval:com.redhat.rhsa:def:20172791
Revision Date:2017-09-26Version:635
Title:RHSA-2017:2791: samba4 security update (Moderate)
Description:Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

Security Fix(es):

  • It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150)

  • An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163)

    Red Hat would like to thank the Samba project for reporting CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-12150
    CVE-2017-12163
    RHSA-2017:2791
    RHSA-2017:2791-00
    RHSA-2017:2791-01
    RHSA-2017:2791-02
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • samba4 is earlier than 0:4.2.10-11.el6_9
  • AND samba4 is signed with Red Hat redhatrelease2 key
  • samba4-client is earlier than 0:4.2.10-11.el6_9
  • AND samba4-client is signed with Red Hat redhatrelease2 key
  • samba4-common is earlier than 0:4.2.10-11.el6_9
  • AND samba4-common is signed with Red Hat redhatrelease2 key
  • samba4-dc is earlier than 0:4.2.10-11.el6_9
  • AND samba4-dc is signed with Red Hat redhatrelease2 key
  • samba4-dc-libs is earlier than 0:4.2.10-11.el6_9
  • AND samba4-dc-libs is signed with Red Hat redhatrelease2 key
  • samba4-devel is earlier than 0:4.2.10-11.el6_9
  • AND samba4-devel is signed with Red Hat redhatrelease2 key
  • samba4-libs is earlier than 0:4.2.10-11.el6_9
  • AND samba4-libs is signed with Red Hat redhatrelease2 key
  • samba4-pidl is earlier than 0:4.2.10-11.el6_9
  • AND samba4-pidl is signed with Red Hat redhatrelease2 key
  • samba4-python is earlier than 0:4.2.10-11.el6_9
  • AND samba4-python is signed with Red Hat redhatrelease2 key
  • samba4-test is earlier than 0:4.2.10-11.el6_9
  • AND samba4-test is signed with Red Hat redhatrelease2 key
  • samba4-winbind is earlier than 0:4.2.10-11.el6_9
  • AND samba4-winbind is signed with Red Hat redhatrelease2 key
  • samba4-winbind-clients is earlier than 0:4.2.10-11.el6_9
  • AND samba4-winbind-clients is signed with Red Hat redhatrelease2 key
  • samba4-winbind-krb5-locator is earlier than 0:4.2.10-11.el6_9
  • AND samba4-winbind-krb5-locator is signed with Red Hat redhatrelease2 key
    • BACK