1. Ubuntu Security Notices
  2. USN-2054-1

USN-2054-1: Samba vulnerabilities

Publication date

11 December 2013

Overview

Several security issues were fixed in Samba.

Releases

Packages

  • samba - SMB/CIFS file, print, and login server for Unix

Details

It was discovered that Winbind incorrectly handled invalid group names with
the require_membership_of parameter. If an administrator used an invalid
group name by mistake, access was granted instead of having the login fail.
(CVE-2012-6150)

Stefan Metzmacher and Michael Adam discovered that Samba incorrectly
handled DCE-RPC fragment length fields. A remote attacker could use this
issue to cause Samba to crash, resulting in a denial of service, or
possibly execute arbitrary code as the root user. (CVE-2013-4408)

Hemanth Thummala discovered that Samba incorrectly handled file
permissions when vfs_streams_depot or vfs_streams_xattr were enabled. A
remote attacker could use this issue to bypass intended restrictions.
(CVE-2013-4475)

It was discovered that Winbind incorrectly handled invalid group names with
the require_membership_of parameter. If an administrator used an invalid
group name by mistake, access was granted instead of having the login fail.
(CVE-2012-6150)

Stefan Metzmacher and Michael Adam discovered that Samba incorrectly
handled DCE-RPC fragment length fields. A remote attacker could use this
issue to cause Samba to crash, resulting in a denial of service, or
possibly execute arbitrary code as the root user. (CVE-2013-4408)

Hemanth Thummala discovered that Samba incorrectly handled file
permissions when vfs_streams_depot or vfs_streams_xattr were enabled. A
remote attacker could use this issue to bypass intended restrictions.
(CVE-2013-4475)

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
13.10 saucy samba –  2:3.6.18-1ubuntu3.1
libpam-winbind –  2:3.6.18-1ubuntu3.1
13.04 raring samba –  2:3.6.9-1ubuntu1.2
libpam-winbind –  2:3.6.9-1ubuntu1.2
12.10 quantal samba –  2:3.6.6-3ubuntu5.3
libpam-winbind –  2:3.6.6-3ubuntu5.3
12.04 precise samba –  2:3.6.3-2ubuntu2.9
libpam-winbind –  2:3.6.3-2ubuntu2.9
10.04 lucid winbind –  2:3.4.7~dfsg-1ubuntu3.13
samba –  2:3.4.7~dfsg-1ubuntu3.13

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›