samba4-4.2.10-7.AXS4
エラータID: AXSA:2016-577:04
リリース日:
2016/07/28 Thursday - 19:00
題名:
samba4-4.2.10-7.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
[修正内容]
以下項目について対処しました。
[Security Fix]
- Samba の libcli/smb/smbXcli_base.c には、(1) SMB2_SESSION_FLAG_IS_GUEST あるいは (2) SMB2_SESSION_FLAG_IS_NULL フラグを介して、中間者攻撃を行う攻撃者が、クライアント署名の保護メカニズムを回避し、SMB2 と SMB3 サーバになりすます脆弱性があります。 (CVE-2016-2119)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-2119
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
追加情報:
N/A
ダウンロード:
SRPMS
- samba4-4.2.10-7.AXS4.src.rpm
MD5: 91b2816a407244237156b658af6702bf
SHA-256: cc0a45a7e6626c3ccbe8e96c5d7987974665841097a50017ab3318654fb939ee
Size: 16.04 MB
Asianux Server 4 for x86
- samba4-4.2.10-7.AXS4.i686.rpm
MD5: c3d7d2e16b4af3144961dc2bbd6cfb6c
SHA-256: a8a48139615684d5c44652633e6ca76eedf425638ab3c8b8700e77e302d80644
Size: 425.68 kB - samba4-client-4.2.10-7.AXS4.i686.rpm
MD5: cf229b251a8fee5912b9c433b9ce0b13
SHA-256: 1d995de3b477e4441ad4f6754235025f0239763fbd02be2984c72ab4b4d931c4
Size: 411.45 kB - samba4-common-4.2.10-7.AXS4.i686.rpm
MD5: 9b4f0a0ad9d93a689c7428824f549bfc
SHA-256: 9f2f4edc14e134fc29ac975c89e6252782777f905460608325c10f9ab51ac61f
Size: 652.73 kB - samba4-dc-4.2.10-7.AXS4.i686.rpm
MD5: 31cb8b445d3415a525142e1df829e179
SHA-256: f9c2b052634ab517bbbe262452e163e9dfe77bd5a1c78398a3013b50cac874b0
Size: 14.21 kB - samba4-dc-libs-4.2.10-7.AXS4.i686.rpm
MD5: 0fddc77213c0566e45c49f7261729f24
SHA-256: 19335b91978afdf703c203d63e4707ce6c4ed79b04c8ddd252caa0bdd68e5e68
Size: 14.24 kB - samba4-devel-4.2.10-7.AXS4.i686.rpm
MD5: 5b4abdc73ddea3663225cbfe45910a62
SHA-256: 129ecec12e4c6ce327bf99ab6155ea89f2fa31dd14869c6abe88c9b972c1a782
Size: 315.88 kB - samba4-libs-4.2.10-7.AXS4.i686.rpm
MD5: a3f1997e24bcbe187eff9eb92409c205
SHA-256: 0d01d074788f28a72853b314b3c849e5c3184fbe762b5c5ebd4f073b4ebad453
Size: 4.42 MB - samba4-pidl-4.2.10-7.AXS4.i686.rpm
MD5: c17eda778ac7ae2302e0745a80392928
SHA-256: 7d3e03fdde0bbcaa668efa8d8d119cd8856640bfbcf3e174c92bca0937ad09b1
Size: 110.33 kB - samba4-python-4.2.10-7.AXS4.i686.rpm
MD5: 1b8f2879111a0ff1a9ec98ee78f5ca1a
SHA-256: c6cdfc96f6a97dfed5eca58c9eaa84d6f14bd091bc9b138f3ab44226e507f8d3
Size: 1.87 MB - samba4-test-4.2.10-7.AXS4.i686.rpm
MD5: 6c44152e6b0524014b55abf7adebcd65
SHA-256: 7016032f982a2fc52054cf0d5c21716ede0fe0da016aeb0ea8618e59d402a3cc
Size: 1.53 MB - samba4-winbind-4.2.10-7.AXS4.i686.rpm
MD5: 9db73ed3d984e8b88e6277e2ea79fc3c
SHA-256: 48e17c4e8e22c604b0c99c5e3b310db484ceb91cec4ec6b35515f07edcd12f0c
Size: 404.98 kB - samba4-winbind-clients-4.2.10-7.AXS4.i686.rpm
MD5: ae8ddac397ee92c6e10eaf80c5f6d23d
SHA-256: 01e88f6b7599880aee6cb3f0551cf6a9c751e81226f15a9738f6d2753798de69
Size: 90.58 kB - samba4-winbind-krb5-locator-4.2.10-7.AXS4.i686.rpm
MD5: 204f727d8d418ea854b1bbae574c301d
SHA-256: 376d33dfd4b391cf2e4ae28586c733ebc69f68ec86ee5e8980a9709a3b18747c
Size: 18.68 kB
Asianux Server 4 for x86_64
- samba4-4.2.10-7.AXS4.x86_64.rpm
MD5: dc7600d3b56a5983b0c2437913bfddc8
SHA-256: 4613a31d531246edad1c5f9b30448344e7eff11a67fab3149d02a93c0743f6db
Size: 426.02 kB - samba4-client-4.2.10-7.AXS4.x86_64.rpm
MD5: a0de2db8563fa5f490c7b4172ae9774e
SHA-256: 40ebcb84e5a59738134d58600ae2045a85a29830e813d772b84dd7fbe285a436
Size: 404.46 kB - samba4-common-4.2.10-7.AXS4.x86_64.rpm
MD5: 6a14d3dc298ef6ba8bc14feb6b759641
SHA-256: b801a5c1e808a62508a2df87bbe10f3f2a5cfd82dad018667dc2654fabd37278
Size: 644.49 kB - samba4-dc-4.2.10-7.AXS4.x86_64.rpm
MD5: 63baf735782fb66e92cec2ba816ef669
SHA-256: 3f30c5f49f9421462e80a7dbb07ce661f7768c3b5e8cce031ac988487992cf1f
Size: 13.76 kB - samba4-dc-libs-4.2.10-7.AXS4.x86_64.rpm
MD5: 755f1681370e64127aa79545487bbbbb
SHA-256: 167eed92049b09f97dcb3fd1a3350ad7b287454b129fb12ebd6e1e96d49c3c74
Size: 13.79 kB - samba4-devel-4.2.10-7.AXS4.x86_64.rpm
MD5: f9696ec676d7765a7e542623a252854c
SHA-256: 47aa8c2521f2d56880ae4c9f6b14616bfda7c652b743c265677974043e34068a
Size: 315.59 kB - samba4-libs-4.2.10-7.AXS4.x86_64.rpm
MD5: 5ab380f26efab3d7e3d479bdd047e1a6
SHA-256: 71ae138962ef8b7854467db123b69ff45fbf5c946816a584fb6fe52563b79e19
Size: 4.35 MB - samba4-pidl-4.2.10-7.AXS4.x86_64.rpm
MD5: ba92f31db4e3a8f180f43f4e9678f16d
SHA-256: 3c4eef92b28353b4ae0fd29d1afe0a382a5f158e5c9afd0716eca402048bd22f
Size: 109.89 kB - samba4-python-4.2.10-7.AXS4.x86_64.rpm
MD5: e795effaa1776ee1e973cf4f0cf6036e
SHA-256: 01490cf2fb434258dbf8644e89fcad2b8465a33a826ff7336ed768082f6153c7
Size: 1.92 MB - samba4-test-4.2.10-7.AXS4.x86_64.rpm
MD5: 3fc85a448f07b5aff4700552c2812b22
SHA-256: 5331906e008860eae16828094e1e8341ea814f69c0179671a9c00ceb8bbaf200
Size: 1.45 MB - samba4-winbind-4.2.10-7.AXS4.x86_64.rpm
MD5: 1cf093002decf2e0f43e3318d7792903
SHA-256: 18e863525bf433ded9905872b09d9e1e5a4fcbd7b574a48adbd1a993f409ad15
Size: 394.17 kB - samba4-winbind-clients-4.2.10-7.AXS4.x86_64.rpm
MD5: 5512f6cd585f4f65fb4ccb2fdfec29f6
SHA-256: 82fec4a6521c309276813f621ae06c0595719ecd86ac3a107a7426ce9ff246e3
Size: 91.32 kB - samba4-winbind-krb5-locator-4.2.10-7.AXS4.x86_64.rpm
MD5: e7485c4465cd88b174b1b54077fa0237
SHA-256: ca479ccb837dbba9e60725c512c67527b3ceaa04944bd26cf429ffa6b94358b7
Size: 18.34 kB