CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.9%
CentOS Errata and Security Advisory CESA-2017:1270
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
Security Fix(es):
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges steelo as the original reporter.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2017-May/084581.html
https://lists.centos.org/pipermail/centos-announce/2017-May/084582.html
Affected packages:
ctdb
ctdb-tests
libsmbclient
libsmbclient-devel
libwbclient
libwbclient-devel
samba
samba-client
samba-client-libs
samba-common
samba-common-libs
samba-common-tools
samba-dc
samba-dc-libs
samba-devel
samba-doc
samba-domainjoin-gui
samba-glusterfs
samba-krb5-printing
samba-libs
samba-pidl
samba-python
samba-swat
samba-test
samba-test-libs
samba-vfs-glusterfs
samba-winbind
samba-winbind-clients
samba-winbind-devel
samba-winbind-krb5-locator
samba-winbind-modules
Upstream details at:
https://access.redhat.com/errata/RHSA-2017:1270
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | libsmbclient | < 3.6.23-43.el6_9 | libsmbclient-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | libsmbclient-devel | < 3.6.23-43.el6_9 | libsmbclient-devel-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba | < 3.6.23-43.el6_9 | samba-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-client | < 3.6.23-43.el6_9 | samba-client-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-common | < 3.6.23-43.el6_9 | samba-common-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-doc | < 3.6.23-43.el6_9 | samba-doc-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-domainjoin-gui | < 3.6.23-43.el6_9 | samba-domainjoin-gui-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-swat | < 3.6.23-43.el6_9 | samba-swat-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-winbind | < 3.6.23-43.el6_9 | samba-winbind-3.6.23-43.el6_9.i686.rpm |
CentOS | 6 | i686 | samba-winbind-clients | < 3.6.23-43.el6_9 | samba-winbind-clients-3.6.23-43.el6_9.i686.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.9%