Rapid7 Vulnerability & Exploit Database

RHSA-2016:0613: samba3x security update

Back to Search

RHSA-2016:0613: samba3x security update

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
04/12/2016
Created
07/25/2018
Added
04/14/2016
Modified
03/21/2018

Description

Samba is an open-source implementation of the Server Message Block (SMB) orCommon Internet File System (CIFS) protocol, which allows PC-compatible machinesto share files, printers, and other information.Security Fix(es):Note: While Samba packages as shipped in Red Hat Enterprise Linux do not supportrunning Samba as an AD DC, this flaw applies to all roles Samba implements.Red Hat would like to thank the Samba project for reporting these issues.Upstream acknowledges Jouni Knuutinen (Synopsis) as the original reporter ofCVE-2015-5370; and Stefan Metzmacher (SerNet) as the original reporter ofCVE-2016-2118, CVE-2016-2110, CVE-2016-2112, and CVE-2016-2115.

Solution(s)

  • redhat-upgrade-samba3x
  • redhat-upgrade-samba3x-client
  • redhat-upgrade-samba3x-common
  • redhat-upgrade-samba3x-debuginfo
  • redhat-upgrade-samba3x-doc
  • redhat-upgrade-samba3x-domainjoin-gui
  • redhat-upgrade-samba3x-swat
  • redhat-upgrade-samba3x-winbind
  • redhat-upgrade-samba3x-winbind-devel

References

  • redhat-upgrade-samba3x
  • redhat-upgrade-samba3x-client
  • redhat-upgrade-samba3x-common
  • redhat-upgrade-samba3x-debuginfo
  • redhat-upgrade-samba3x-doc
  • redhat-upgrade-samba3x-domainjoin-gui
  • redhat-upgrade-samba3x-swat
  • redhat-upgrade-samba3x-winbind
  • redhat-upgrade-samba3x-winbind-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;