samba-3.6.9-169.AXS4.0.1
エラータID: AXSA:2014-443:03
リリース日:
2014/07/11 Friday - 21:13
題名:
samba-3.6.9-169.AXS4.0.1
影響のあるチャネル:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Samba の nmbd の sys_recvfrom 関数には,不正な UDP パケットによって,リモートの攻撃者がサービス拒否 (無限ループと CPU 消費) を引き起こす脆弱性があります。 (CVE-2014-0244)
- Samba の smbd の push_ascii 関数には,ユニコードの使用を指定せずにユニコードのパス名を読み込むことによって,リモートの認証されたユーザがサービス拒否 (メモリ破壊とデーモンのクラッシュ) を引き起こす脆弱性があります。(CVE-2014-3493)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2014-0244
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
CVE-2014-3493
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
追加情報:
N/A
ダウンロード:
SRPMS
- samba-3.6.9-169.AXS4.0.1.src.rpm
MD5: 83e9cfe681b7be6d5b0e03cd90f661dc
SHA-256: 9379c4e56bb54e68928b2acc429d57f34650695b3ee07a076cd42c38f3980547
Size: 28.15 MB
Asianux Server 4 for x86
- libsmbclient-3.6.9-169.AXS4.0.1.i686.rpm
MD5: 86cff725cba90eb018bdaf0571b5eb26
SHA-256: e45f7a77efebf792bcad6141c0b8733abf79eff5e11c312af466d50de4a3115b
Size: 1.56 MB - samba-3.6.9-169.AXS4.0.1.i686.rpm
MD5: 28954155cefb67e6a93525ed8ed2a07a
SHA-256: 2170197344c47d8be33ffbf58f8a3be76ee1380fb60e1174cff1e44091983c92
Size: 5.02 MB - samba-client-3.6.9-169.AXS4.0.1.i686.rpm
MD5: cacf803d539606bf6a0bc1234470466b
SHA-256: c50fb11031100e0b55eb4b0ef4923fa732f1e8a278c4b359b433d35cd88312ae
Size: 10.67 MB - samba-common-3.6.9-169.AXS4.0.1.i686.rpm
MD5: b74b9247f91314ece89e673866e89f22
SHA-256: 5063995074293b976bdd3d2e0947d5fc4101b0ae976bdc93c0afe470a632d4eb
Size: 9.92 MB - samba-winbind-3.6.9-169.AXS4.0.1.i686.rpm
MD5: 40d51aa0d085eb618641dbf76dd7b9fe
SHA-256: 4c87fcb18ad7152f8fac0ae4daffd584389f30ea4e60164d6a98790f032c8ba8
Size: 2.17 MB - samba-winbind-clients-3.6.9-169.AXS4.0.1.i686.rpm
MD5: d0553a902a7a9a13a2013781a516a364
SHA-256: 93df954d35a01e396c9cc4096d83b9e991e3c264fba9faea0bd699518fd07cd9
Size: 1.98 MB
Asianux Server 4 for x86_64
- libsmbclient-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: aae5978d861c420d16382b244128fa22
SHA-256: a253bf4668c0feb76535e12167b65e8889976e6df10496d45aa34b5fc583fd1e
Size: 1.58 MB - samba-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: 5f11131ee68edd851118ef9bc8e14260
SHA-256: 46d704a49f4af03591617dbcccd28d417386b09d5640ac012e436accf56f6f5d
Size: 5.01 MB - samba-client-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: e08c073389d1ebd4fd6c97f18a5acc05
SHA-256: cefb23d9b941338aef2930ed06bff53906c25c967ceb86541dc178487b6a2c7d
Size: 10.76 MB - samba-common-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: 9c2ae0d3b4ef4a9528d6aee3deeab6c6
SHA-256: b812afeaa189a696f0814cc6a62db6ba5b5156da3f34b36c3a4a343531f08770
Size: 9.96 MB - samba-winbind-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: 7e903d875d58b00a7693c87c42faf844
SHA-256: dbcf69bf505939619275bd17c76c35ab770c1160f8d3110bc289e469df26efb4
Size: 2.17 MB - samba-winbind-clients-3.6.9-169.AXS4.0.1.x86_64.rpm
MD5: 34a697927a1ede4345ef0b810c8bad55
SHA-256: bcdfdc9eb4fdebfdb1b75c1f5c39a5c6493e8a858441096d72781afa266f76c4
Size: 1.99 MB - libsmbclient-3.6.9-169.AXS4.0.1.i686.rpm
MD5: 86cff725cba90eb018bdaf0571b5eb26
SHA-256: e45f7a77efebf792bcad6141c0b8733abf79eff5e11c312af466d50de4a3115b
Size: 1.56 MB - samba-common-3.6.9-169.AXS4.0.1.i686.rpm
MD5: b74b9247f91314ece89e673866e89f22
SHA-256: 5063995074293b976bdd3d2e0947d5fc4101b0ae976bdc93c0afe470a632d4eb
Size: 9.92 MB - samba-winbind-clients-3.6.9-169.AXS4.0.1.i686.rpm
MD5: d0553a902a7a9a13a2013781a516a364
SHA-256: 93df954d35a01e396c9cc4096d83b9e991e3c264fba9faea0bd699518fd07cd9
Size: 1.98 MB