Re: [Samba] Error running CVE-2018-1057_helper on 4.5
- Date: Wed, 14 Mar 2018 10:31:43 +0100
- From: Denis Cardon via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Error running CVE-2018-1057_helper on 4.5
I tried to run this script on a system running 4.5.15 built from source
under Ubuntu 16.04, but I get the following exception:
Temporarily overriding 'dsdb:schema update allowed' setting
Traceback (most recent call last):
File "./samba_CVE-2018-1057_helper", line 139, in <module>
line 40, in modify_sd_on_dn
m.dn = Dn(self.ldb, object_dn)
TypeError: argument 2 must be string, not ldb.Dn
A transaction is still active in ldb context [0x2337ea0] on
I tried doing "kinit Administrator" and then repeating, but that didn't
change the error.
You don't need to kinit. The script directly goes to ldb files.
The script is ok for 4.7 but there is a small fix to make it run for
earlier Samba versions, cf. the diff in attachment.
I see samba 4.8.0 was released yesterday, which means 4.5.x technically
dropped out of support yesterday too:
The fix for this security flaw has been backported from 4.8 to 4.3, so yes,
4.5 can be patched. But I would advise you to use the mitigation script
first and prepare and update to 4.7.6 in the coming weeks because, like
you said, 4.5 won't get any feature fixes from upstream anymore since
4.8 is out.
However, I also note that a security patch was released for 4.5.15:
Obviously I will have to proceed with the underlying patching and/or
upgrading of Samba. But if anyone can help me get the short-term fix
working for 4.5, that would be a useful stop-gap.
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 184.108.40.206.55
Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr
--- samba_CVE-2018-1057_helper.orig 2018-03-12 18:05:53.000000000 +0100
+++ samba_CVE-2018-1057_helper 2018-03-13 17:30:12.478546263 +0100
@@ -136,7 +136,8 @@ for msg in res:
operation = "Would modify"
if not opts.dry_run:
- sd_helper.modify_sd_on_dn(msg.dn, new_desc)
+ dn_string = str(msg.dn)
+ sd_helper.modify_sd_on_dn(dn_string, new_desc)
operation = "Modified"
print("%s change-password ACL right for world on: %s" % (
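Review bot: the str() conversion is applied at the call site (`dn_string = str(msg.dn)`), but the TypeError in the traceback is raised inside modify_sd_on_dn at `m.dn = Dn(self.ldb, object_dn)`. Converting there instead, for example `m.dn = Dn(self.ldb, str(object_dn))`, would fix the helper for every caller that passes an ldb.Dn and would remove the need for the temporary variable. Either way, a short comment saying the conversion is needed for Samba versions earlier than 4.7 would help, since the line looks redundant on 4.7. The traceback also reports a transaction still active in the ldb context after the exception; this hunk avoids the exception but does not change how a failure inside the modify is cleaned up.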