Lucene search
RedHatRHSA-2017:2338HistoryAug 01, 2017 - 6:33 a.m.
(RHSA-2017:2338) Moderate: samba security update
2017-08-0106:33:39
access.redhat.com
40
EPSS
0.015
Percentile
87.1%
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
Security Fix(es):
-
A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions. (CVE-2017-2619)
-
A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory. (CVE-2017-9461)
Red Hat would like to thank the Samba project for reporting CVE-2017-2619. Upstream acknowledges Jann Horn (Google) as the original reporter of CVE-2017-2619.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | samba-winbind-clients | < 4.6.3-4.el7rhgs | samba-winbind-clients-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | ctdb | < 4.6.3-4.el7rhgs | ctdb-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | libsmbclient | < 4.6.3-4.el7rhgs | libsmbclient-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-test | < 4.6.3-4.el7rhgs | samba-test-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-devel | < 4.6.3-4.el7rhgs | samba-devel-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-libs | < 4.6.3-4.el7rhgs | samba-libs-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-python | < 4.6.3-4.el7rhgs | samba-python-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | libwbclient | < 4.6.3-4.el7rhgs | libwbclient-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-dc-libs | < 4.6.3-4.el7rhgs | samba-dc-libs-4.6.3-4.el7rhgs.x86_64.rpm |
| RedHat | 7 | x86_64 | samba-dc | < 4.6.3-4.el7rhgs | samba-dc-4.6.3-4.el7rhgs.x86_64.rpm |
Related
redhat
redhat
(RHSA-2017:2778) Moderate: samba security, bug fix, and enhancement update
2017-09-21 04:06:21
(RHSA-2017:1950) Low: samba security, bug fix, and enhancement update
2017-08-01 05:56:25
(RHSA-2017:2789) Moderate: samba security update
2017-09-21 09:33:11
nessus
nessus
RHEL 6 : Storage Server (RHSA-2017:2778)
2017-09-25 00:00:00
RHEL 7 : Red Hat Gluster Storage (RHSA-2017:2338)
2017-08-03 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Samba vulnerability (USN-3348-1)
2017-07-06 00:00:00
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2017-08-07 00:00:00
samba security and bug fix update
2017-05-22 00:00:00
samba security update
2017-09-26 00:00:00
openvas
openvas
Samba 'fd_open_atomic infinite loop' Denial-of-Service Vulnerability
2017-06-07 00:00:00
RedHat Update for samba RHSA-2017:1950-01
2017-08-04 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2017-1220)
2020-01-23 00:00:00
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2017-08-24 01:41:27
ctdb, libsmbclient, libwbclient, samba security update
2017-05-22 16:26:22
libsmbclient, samba security update
2017-09-21 14:43:52
nvd
nvd
CVE-2017-9461
2017-06-06 21:29:00
CVE-2017-2619
2018-03-12 15:29:00
redhatcve
redhatcve
CVE-2017-9461
2017-06-07 09:37:18
CVE-2017-2619
2017-03-23 09:48:01
osv
osv
CVE-2017-9461
2017-06-06 21:29:00
samba - security update
2017-04-11 00:00:00
samba - security update
2017-03-23 00:00:00
ubuntu
ubuntu
Samba vulnerability
2017-07-05 00:00:00
Samba vulnerability
2017-04-25 00:00:00
Samba vulnerability
2017-03-23 00:00:00
cve
cve
CVE-2017-9461
2017-06-06 21:29:00
CVE-2017-2619
2018-03-12 15:29:00
ibm
ibm
debiancve
debiancve
CVE-2017-9461
2017-06-06 21:29:00
CVE-2017-2619
2018-03-12 15:29:00
ubuntucve
ubuntucve
CVE-2017-9461
2017-06-06 00:00:00
CVE-2017-2619
2017-03-23 00:00:00
prion
prion
Denial of service
2017-06-06 21:29:00
Design/Logic Flaw
2018-03-12 15:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:18:48
Remote Code Execution (RCE)
2019-01-15 09:18:59
cvelist
cvelist
CVE-2017-9461
2017-06-06 21:00:00
CVE-2017-2619
2017-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: samba-4.6.2-0.fc26
2017-04-06 13:46:48
[SECURITY] Fedora 24 Update: samba-4.4.13-1.fc24
2017-04-15 22:49:44
[SECURITY] Fedora 25 Update: samba-4.5.8-0.fc25
2017-04-02 20:56:24
slackware
slackware
[slackware-security] samba
2017-03-24 05:44:58
[slackware-security] samba
2017-04-01 05:21:31
debian
debian
[SECURITY] [DLA 894-1] samba security update
2017-04-11 14:04:01
[SECURITY] [DSA 3816-1] samba security update
2017-03-23 11:27:29
[SECURITY] [DSA 3816-1] samba security update
2017-03-23 11:27:29
zdt
zdt
altlinux
altlinux
Security fix for the ALT Linux 7 package samba version 4.5.7-alt1.M70P.1
2017-03-23 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.6.1-alt1
2017-03-23 00:00:00
Security fix for the ALT Linux 10 package samba version 4.6.1-alt1.S1
2017-03-23 00:00:00
alpinelinux
alpinelinux
CVE-2017-2619
2018-03-12 15:29:00
samba
samba
Symlink race allows access outside share definition.
2017-03-23 00:00:00
suse
suse
Security update for samba (important)
2017-04-05 18:23:27
Security update for samba (important)
2017-03-29 21:08:41
Security update for samba (important)
2017-05-08 21:12:01
freebsd
freebsd
samba -- symlink race allows access outside share definition
2017-03-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Samba Symlink Unauthorized File Access (CVE-2017-2619)
2017-06-29 00:00:00
f5
f5
K20722197 : Samba vulnerability CVE-2017-2619
2018-03-20 00:00:00
seebug
seebug
mageia
mageia
Updated samba packages fix security vulnerability
2017-05-25 17:37:42
amazon
amazon
Important: samba
2017-05-30 23:54:00