Rapid7 VulnDB

RHSA-2016:0611: samba security update

Back to Search

RHSA-2016:0611: samba security update

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
04/12/2016
Created
07/25/2018
Added
04/14/2016
Modified
03/21/2018

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.Security Fix(es):Note: While Samba packages as shipped in Red Hat Enterprise Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements.Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Jouni Knuutinen (Synopsis) as the original reporter of CVE-2015-5370; and Stefan Metzmacher (SerNet) as the original reporter of CVE-2016-2118, CVE-2016-2110, CVE-2016-2112, and CVE-2016-2115.

Solution(s)

  • redhat-upgrade-libsmbclient
  • redhat-upgrade-libsmbclient-devel
  • redhat-upgrade-samba
  • redhat-upgrade-samba-client
  • redhat-upgrade-samba-common
  • redhat-upgrade-samba-debuginfo
  • redhat-upgrade-samba-doc
  • redhat-upgrade-samba-domainjoin-gui
  • redhat-upgrade-samba-glusterfs
  • redhat-upgrade-samba-swat
  • redhat-upgrade-samba-winbind
  • redhat-upgrade-samba-winbind-clients
  • redhat-upgrade-samba-winbind-devel
  • redhat-upgrade-samba-winbind-krb5-locator

References

  • redhat-upgrade-libsmbclient
  • redhat-upgrade-libsmbclient-devel
  • redhat-upgrade-samba
  • redhat-upgrade-samba-client
  • redhat-upgrade-samba-common
  • redhat-upgrade-samba-debuginfo
  • redhat-upgrade-samba-doc
  • redhat-upgrade-samba-domainjoin-gui
  • redhat-upgrade-samba-glusterfs
  • redhat-upgrade-samba-swat
  • redhat-upgrade-samba-winbind
  • redhat-upgrade-samba-winbind-clients
  • redhat-upgrade-samba-winbind-devel
  • redhat-upgrade-samba-winbind-krb5-locator

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;