|Category:||Debian Local Security Checks|
|Title:||Debian LTS Advisory ([SECURITY] [DLA 1754-1] samba security update)|
|Summary:||The remote host is missing an update for the 'samba'; package(s) announced via the DSA-1754-1 advisory.|
The remote host is missing an update for the 'samba'
package(s) announced via the DSA-1754-1 advisory.
Various vulnerabilities were discovered in Samba, SMB/CIFS file, print,
and login server/client for Unix
smbd in Samba had a denial of service vulnerability (fd_open_atomic
infinite loop with high CPU usage and memory consumption) due to
wrongly handling dangling symlinks.
Samba was vulnerable to a denial of service attack when the RPC
spoolss service was configured to be run as an external daemon.
Missing input sanitization checks on some of the input parameters to
spoolss RPC calls could have caused the print spooler service to
On a Samba 4 AD DC the LDAP server of Samba incorrectly validated
permissions to modify passwords over LDAP allowing authenticated
users to change any other users' passwords, including administrative
users and privileged service accounts (eg Domain Controllers).
Thanks to the Ubuntu security team for having backported the rather
invasive changeset to Samba in Ubuntu 14.04 (which we could use to
patch Samba in Debian jessie LTS).
A flaw was found in the way Samba implemented an RPC endpoint
emulating the Windows registry service API. An unprivileged attacker
could have used this flaw to create a new registry hive file anywhere
they had unix permissions which could have lead to creation of a new
file in the Samba share.
'samba' package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your samba packages.
Common Vulnerability Exposure (CVE) ID: CVE-2017-9461|
BugTraq ID: 99455
RedHat Security Advisories: RHSA-2017:1950
RedHat Security Advisories: RHSA-2017:2338
RedHat Security Advisories: RHSA-2017:2778
Common Vulnerability Exposure (CVE) ID: CVE-2018-1050
BugTraq ID: 103387
Debian Security Information: DSA-4135 (Google Search)
RedHat Security Advisories: RHSA-2018:1860
RedHat Security Advisories: RHSA-2018:1883
RedHat Security Advisories: RHSA-2018:2612
RedHat Security Advisories: RHSA-2018:2613
RedHat Security Advisories: RHSA-2018:3056
Common Vulnerability Exposure (CVE) ID: CVE-2018-1057
BugTraq ID: 103382
Common Vulnerability Exposure (CVE) ID: CVE-2019-3880
SuSE Security Announcement: openSUSE-SU-2019:1180 (Google Search)
SuSE Security Announcement: openSUSE-SU-2019:1292 (Google Search)
|Copyright||Copyright (C) 2019 Greenbone Networks GmbH|
|This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.