Web lists-archives.com

Re: [Samba] [Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download




Under what conditions are "server services = -ldap" an acceptable
workaround? would it work with a standalone AD with file sharing done
by other Samba servers?


On Tue, Mar 13, 2018 at 5:20 AM, Karolin Seeger via samba-technical
<samba-technical@xxxxxxxxxxxxxxx> wrote:
> Release Announcements
> ---------------------
>
> These are security release in order to address the following defects:
>
> o  CVE-2018-1050 (Denial of Service Attack on external print server.)
> o  CVE-2018-1057 (Authenticated users can change other users' password.)
>
>
> =======
> Details
> =======
>
> o  CVE-2018-1050:
>    All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
>    service attack when the RPC spoolss service is configured to be run as
>    an external daemon. Missing input sanitization checks on some of the
>    input parameters to spoolss RPC calls could cause the print spooler
>    service to crash.
>
>    There is no known vulnerability associated with this error, merely a
>    denial of service. If the RPC spoolss service is left by default as an
>    internal service, all a client can do is crash its own authenticated
>    connection.
>
> o  CVE-2018-1057:
>    On a Samba 4 AD DC the LDAP server in all versions of Samba from
>    4.0.0 onwards incorrectly validates permissions to modify passwords
>    over LDAP allowing authenticated users to change any other users'
>    passwords, including administrative users.
>
>    Possible workarounds are described at a dedicated page in the Samba wiki:
>    https://wiki.samba.org/index.php/CVE-2018-1057
>
>
> Changes:
> --------
>
> o  Jeremy Allison <jra@xxxxxxxxx>
>    * BUG 11343: CVE-2018-1050: Codenomicon crashes in spoolss server code.
>
> o  Ralph Boehme <slow@xxxxxxxxx>
>    * BUG 13272: CVE-2018-1057: Unprivileged user can change any user (and admin)
>      password.
>
> o  Stefan Metzmacher <metze@xxxxxxxxx>
>    * BUG 13272: CVE-2018-1057: Unprivileged user can change any user (and admin)
>      password.
>
>
> #######################################
> Reporting bugs & Development Discussion
> #######################################
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.  All bug reports should
> be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
>
>
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
>
>
>
> ================
> Download Details
> ================
>
> The uncompressed tarballs and patch files have been signed
> using GnuPG (ID 6F33915B6568B7EA).  The source code can be downloaded
> from:
>
>         https://download.samba.org/pub/samba/stable/
>
> The release notes are available online at:
>
>         https://www.samba.org/samba/history/samba-4.7.6.html
>         https://www.samba.org/samba/history/samba-4.6.14.html
>         https://www.samba.org/samba/history/samba-4.5.16.html
>
> Our Code, Our Bugs, Our Responsibility.
> (https://bugzilla.samba.org/)
>
>                         --Enjoy
>                         The Samba Team

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba