openchange-2.3-27.el8, samba-4.13.3-3.el8
エラータID: AXSA:2021-2082:01
リリース日:
2021/06/25 Friday - 08:39
題名:
openchange-2.3-27.el8, samba-4.13.3-3.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- samba にはファイルやディレクトリのパーミッションを処理する方法に欠陥があり、認証
されたユーザーがこの欠陥を用いて、攻撃者には利用できないファイルやディレクトリ情報
へのアクセス権が取得される脆弱性があります。(CVE-2020-14318)
- sambaの Winbind サービスには NULL ポインタデリファレンス の問題があり、ローカル
ユーザーによりサービス拒否の原因となる、Winbind サービスのクラッシュを引き起こされる
脆弱性があります。(CVE-2020-14323)
- openchange や samba には Netlogon リモートプロトコル (MS-NRPC) 使用時に、攻撃者が
脆弱な Netlogon セキュアチャンネルとドメインコントローラーの接続を確立した際に、特権
が昇格する脆弱性があります。(CVE-2020-1472)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-14318
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
CVE-2020-14323
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
追加情報:
N/A
ダウンロード:
SRPMS
- openchange-2.3-27.el8.src.rpm
MD5: e0a9ec5758306ea3c3f3623d246d4551
SHA-256: 0c1fe73f860f8007860a1c2eabfd3d52ecee26a85e44d756671939202c43c33b
Size: 2.04 MB - samba-4.13.3-3.el8.src.rpm
MD5: 2205d1c2e5f149b246ee8d11d4fbd899
SHA-256: 263ba58a8538cb85718511db6d00d01df57b8d7ab5d3a657fc8a202175aa015d
Size: 11.61 MB
Asianux Server 8 for x86_64
- openchange-2.3-27.el8.x86_64.rpm
MD5: 3e929eac9c64796d791d62edde526ad4
SHA-256: d0488f57b24faa6657080a1082e72efebd00ba82a0b06ac30a459f6a67cc469b
Size: 492.44 kB - ctdb-4.13.3-3.el8.x86_64.rpm
MD5: 66b20933d5ce5f900df5550b9616a583
SHA-256: a265ebf19f1e422a1ee8b4ea3d20fdc6f0ea4d323f2aeaac192e95d932c16eeb
Size: 766.44 kB - ctdb-tests-4.13.3-3.el8.x86_64.rpm
MD5: 53983f1332526181ad45f9cf6322abc2
SHA-256: b3f849af9109f8a5509295a76b24f1e37085d635162e110c778c61d2b27fad9b
Size: 1.36 MB - libsmbclient-4.13.3-3.el8.x86_64.rpm
MD5: 5fbf983fab7054a8352184928f3e5f72
SHA-256: 189526630984ae67b4dd8f4408955b8f925a125fb1be94e35f93c178a8d26445
Size: 144.91 kB - libwbclient-4.13.3-3.el8.x86_64.rpm
MD5: 1132a772b860e5030260bac27dfa48af
SHA-256: b65002be3f4da24d32f19206236e549cc09404f27088c8b33156cc48be1b33aa
Size: 118.30 kB - python3-samba-4.13.3-3.el8.x86_64.rpm
MD5: 224662aca33c83282ac04f4e9cb51487
SHA-256: 7f63ccc14224cdf8ebe8cf5e044d6f8fd2d315c56fccf5fde3207dfb9ca536b4
Size: 3.14 MB - python3-samba-test-4.13.3-3.el8.x86_64.rpm
MD5: fcb7750ea1a78ef608d90da8730216e9
SHA-256: 3a79e7b171a38bfb0d4de28bb022ee06b88d6252638d194e0e2604837361a47d
Size: 743.91 kB - samba-4.13.3-3.el8.x86_64.rpm
MD5: da790d884d48195b59f5ac736e02c8de
SHA-256: f8bbac3d282c4930d5ba1dbac806d9f69aaffbc159005fcb250ae439107693ce
Size: 844.48 kB - samba-client-4.13.3-3.el8.x86_64.rpm
MD5: 3593bfd05f0ceca3c8c6fa770757f0e4
SHA-256: b7aab96061f9b2fe8927de33ebda15630c47a1558e8185fab1c347a3301a6c72
Size: 695.82 kB - samba-client-libs-4.13.3-3.el8.x86_64.rpm
MD5: 7e068704f3559811efcfbfc766c508c4
SHA-256: a23dd696d6d1411f4a3f098e34c2d3cd6878cb205f7d0a2d8328e9beea09d738
Size: 5.38 MB - samba-common-4.13.3-3.el8.noarch.rpm
MD5: 9b094414c1b23f692fa08c1deca1bc5d
SHA-256: ae71b7f815169f5c3dacd39e5c0661ab38f3a49200d9b3a19243b56b277c8e37
Size: 216.77 kB - samba-common-libs-4.13.3-3.el8.x86_64.rpm
MD5: e1b232a6ff7d0f9fc7f9e0d81bcaba20
SHA-256: 2d6a97c73bec3a7fd92865c15d4ba244eeb83c152ae7c90aa2a9ef794efc094c
Size: 170.46 kB - samba-common-tools-4.13.3-3.el8.x86_64.rpm
MD5: c73631ab2a34cb2eff4cee61ef562c4f
SHA-256: d39f3ea983afd8c2274aec819715387292ff4c7d5aa3239c915419ff1b65b43e
Size: 496.86 kB - samba-krb5-printing-4.13.3-3.el8.x86_64.rpm
MD5: bea72e3ac8a03d6d3af4afe7ac047194
SHA-256: f007ef2e11c2d44ef1b11abe1896160522902c667b7d6aba59212f309cb3d5b0
Size: 96.01 kB - samba-libs-4.13.3-3.el8.x86_64.rpm
MD5: 0d6e77d05d3d48547e0352c810da9646
SHA-256: e9f7626555f094acde9a2f31ed9ddfbbdf1a65366e08434397b622c53a3e7954
Size: 166.35 kB - samba-pidl-4.13.3-3.el8.noarch.rpm
MD5: 3f9b3bbf29cef4d18b3bbe12bb0cec69
SHA-256: 06b5be8845c6e43723a2228b8de8c1063575e40936ec131daa8eff83617ce1f2
Size: 193.76 kB - samba-test-4.13.3-3.el8.x86_64.rpm
MD5: cda8ee8012c716737c3e011267491e32
SHA-256: f4a545835ba76786aa331429788ae0ed8677c67da82d5c3da82c4f4a55969760
Size: 1.98 MB - samba-test-libs-4.13.3-3.el8.x86_64.rpm
MD5: f91aa3bbacc7dbc4bc2f82994509b1e3
SHA-256: 1ba1eae5a968b69dc8ae3284c38dd8f177922f35f729bc38b4d6ec64b5f8f79d
Size: 114.39 kB - samba-winbind-4.13.3-3.el8.x86_64.rpm
MD5: 417be4d3839cb9fb4b3949db38405d0b
SHA-256: ad2c2bab4cda33bb332aba6e807bbe771a7b523490e160233bf8028bb09b52bd
Size: 553.15 kB - samba-winbind-clients-4.13.3-3.el8.x86_64.rpm
MD5: f07ddb7484a00517bf7a38b7d4e09955
SHA-256: d3bfaf90317a1b24810e572876a8555d9ac2659b4fc50f15af310099c72ece71
Size: 148.71 kB - samba-winbind-krb5-locator-4.13.3-3.el8.x86_64.rpm
MD5: a3c007765a97df5b011aca84b55d4da6
SHA-256: 51695d1b114171bd32b256330e33675f775942fa175076e7f92635217493aa07
Size: 95.33 kB - samba-winbind-modules-4.13.3-3.el8.x86_64.rpm
MD5: d48dce75b2ee94b6b46584c1233a54cd
SHA-256: d6498ce9b3fb05594bccc4ffeafb6503f979fbd5d9805ec6dbb9ad8ac66cd7a6
Size: 124.67 kB - samba-winexe-4.13.3-3.el8.x86_64.rpm
MD5: 1e053232934dd28f96611869c88c5b7d
SHA-256: a53b51e29a011b933a928d1e32147783d6fccf91437ce250fc3813ac6d90821f
Size: 123.84 kB - openchange-2.3-27.el8.i686.rpm
MD5: 104c188006186622f895cac8d0f09566
SHA-256: 5a20b2b8685042629fdbc6beecec463d63b9c90b138958004003c9bb3c7aa039
Size: 533.82 kB - libsmbclient-4.13.3-3.el8.i686.rpm
MD5: 6e22272e884165637eb8709dbf1ec491
SHA-256: dd4d578a0556226acc8302f95a3c2635a1487e0a6ba50bb565f7bdab47c9becb
Size: 150.26 kB - libwbclient-4.13.3-3.el8.i686.rpm
MD5: af4d6f3b3e424cfb6af71dde56ae5dc5
SHA-256: 963ad6e20bd6317f96bbf83d03a8cef43eaea73724b024357d3eeafffd8833cf
Size: 121.20 kB - python3-samba-4.13.3-3.el8.i686.rpm
MD5: 0c7b46f6f9003a3c035322dbbe97882f
SHA-256: 57321245dd4378247e659c574838c1c62ab1c2f5249a25f7178d76fb22586a77
Size: 3.02 MB - samba-client-libs-4.13.3-3.el8.i686.rpm
MD5: 7e6ed22ddbf56b4ca5d30d9d12729d4c
SHA-256: 9e248bfc838241ef1fb33248191ac4c4f3b2255bc9d1255f9aab2ab9fe9cb6fb
Size: 5.79 MB - samba-libs-4.13.3-3.el8.i686.rpm
MD5: 8b5549e339a1eade834bd07699f9135a
SHA-256: 69f09f19af8eb7d2dfa6e555c400526577a51fbf247b8d82088c91f5cc1cfd57
Size: 172.05 kB - samba-winbind-modules-4.13.3-3.el8.i686.rpm
MD5: 30fc20655a01af0743d6b27034ec57b4
SHA-256: a263a0df009f77560af46686d37861a125183d399c51aa343f0ca8b4648360e9
Size: 126.01 kB
English