Description: | Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. (CVE-2013-4496) A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service. (CVE-2012-6150) Red Hat would like to thank the Samba project for reporting CVE-2013-4496 and Sam Richardson for reporting CVE-2012-6150. Upstream acknowledges Andrew Bartlett as the original reporter of CVE-2013-4496. All users of Samba are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically. |
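
An added audit sketch for the pam_winbind issue (CVE-2012-6150), not part of the advisory or of Samba's or Red Hat's code: it lists every name given to pam_winbind's `require_membership_of` option and reports those that do not resolve to a group. It assumes the required names are groups that resolve through the system group database (winbind in nsswitch); the sample configuration is constructed.

```python
import grp
import re

# pam_winbind accepts both spellings of the option.
OPTION = re.compile(r"require(?:_membership_of|-membership-of)\s*=\s*(.+)")

def required_entries(text):
    """Return every SID or name listed in a require_membership_of setting."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        match = OPTION.search(line)
        if not match:
            continue
        value = match.group(1)
        if "pam_winbind.so" in line:
            # PAM service line: the value ends at the next whitespace.
            value = value.split()[0]
        entries += [v.strip() for v in value.split(",") if v.strip()]
    return entries

def default_resolves(name):
    """Assumption: winbind is in nsswitch, so domain groups resolve via grp."""
    if name.upper().startswith("S-1-"):
        return True  # SIDs need no name lookup
    try:
        grp.getgrnam(name)
        return True
    except KeyError:
        return False

def unresolved(text, resolves=default_resolves):
    """Names that do not resolve; each one is a restriction to review."""
    return [e for e in required_entries(text) if not resolves(e)]

# Constructed sample input, not taken from a real host.
SAMPLE_CONF = """\
[global]
require_membership_of = EXAMPLE\\fileusers, S-1-5-21-1111111111-2222222222-3333333333-512
"""
SAMPLE_PAM = "auth required pam_winbind.so use_first_pass require-membership-of=EXAMPLE\\retired-group\n"

if __name__ == "__main__":
    for name in unresolved(SAMPLE_CONF + SAMPLE_PAM):
        print("unresolvable required group:", name)
```

On a real host, pass the contents of `/etc/security/pam_winbind.conf` and the files under `/etc/pam.d/` to `unresolved()` in place of the samples.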