Home / mailings [USN-2950-5] Samba regression
Posted on 25 May 2016
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-2950-5
May 25, 2016
samba regression
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
Summary:
USN-2950-1 introduced a regression in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to
version 4.3.9, which introduced a regression when using the ntlm_auth too=
l.
This update fixes the problem.
Original advisory details:
Jouni Knuutinen discovered that Samba contained multiple flaws in the
DCE/RPC implementation. A remote attacker could use this issue to perfor=
m
a denial of service, downgrade secure connections by performing a man in=
the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)
Stefan Metzmacher discovered that Samba contained multiple flaws in the=
NTLMSSP authentication implementation. A remote attacker could use this
issue to downgrade connections to plain text by performing a man in the
middle attack. (CVE-2016-2110)
Alberto Solino discovered that a Samba domain controller would establis=
h a
secure connection to a server with a spoofed computer name. A remote
attacker could use this issue to obtain sensitive information.
(CVE-2016-2111)
Stefan Metzmacher discovered that the Samba LDAP implementation did not=
enforce integrity protection. A remote attacker could use this issue to
hijack LDAP connections by performing a man in the middle attack.
(CVE-2016-2112)
Stefan Metzmacher discovered that Samba did not validate TLS certificat=
es.
A remote attacker could use this issue to spoof a Samba server.
(CVE-2016-2113)
Stefan Metzmacher discovered that Samba did not enforce SMB signing eve=
n if
configured to. A remote attacker could use this issue to perform a man i=
n
the middle attack. (CVE-2016-2114)
Stefan Metzmacher discovered that Samba did not enable integrity protec=
tion
for IPC traffic. A remote attacker could use this issue to perform a man=
in
the middle attack. (CVE-2016-2115)
Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR=
and
MS-LSAD protocols. A remote attacker could use this flaw with a man in t=
he
middle attack to impersonate users and obtain sensitive information from=
the Security Account Manager database. This flaw is known as Badlock.
(CVE-2016-2118)
Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10.
Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fix=
es.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes. Configuration changes m=
ay
be required in certain environments.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
samba 2:4.3.9+dfsg-0ubuntu0.16.04.2
Ubuntu 15.10:
samba 2:4.3.9+dfsg-0ubuntu0.15.10.2
Ubuntu 14.04 LTS:
samba 2:4.3.9+dfsg-0ubuntu0.14.04.3
In general, a standard system update will make all the necessary changes.=
References:
http://www.ubuntu.com/usn/usn-2950-5
http://www.ubuntu.com/usn/usn-2950-1
https://launchpad.net/bugs/1578576
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.16.04.=
2
https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.15.10.=
2
https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.14.04.=
3
