The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Samba: code execution

Synthesis of the vulnerability 

An attacker can put a shared library into a folder exported with Samba, in order to make it run arbitrary machine code.
Vulnerable systems: Debian, Fedora, HP-UX, Junos Space, openSUSE Leap, Solaris, RHEL, Samba, Slackware, Sonus SBC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity of this threat: 3/4.
Creation date: 24/05/2017.
Revision date: 29/05/2017.
References of this weakness: 1450347, bulletinapr2017, CERTFR-2017-AVI-165, CERTFR-2017-AVI-365, CVE-2017-7494, DLA-951-1, DSA-3860-1, FEDORA-2017-570c0071c4, FEDORA-2017-642a0eca75, FEDORA-2017-c729c6123c, HPESBUX03759, JSA10824, JSA10826, openSUSE-SU-2017:1401-1, openSUSE-SU-2017:1415-1, RHSA-2017:1270-01, RHSA-2017:1271-01, RHSA-2017:1272-01, RHSA-2017:1390-01, SSA:2017-144-01, SUSE-SU-2017:1391-1, SUSE-SU-2017:1392-1, SUSE-SU-2017:1393-1, USN-3296-1, VIGILANCE-VUL-22808.

Description of the vulnerability 

Samba is a file and print server implementing the SMB/CIFS protocol. Versions 3.5.0 and later contain a flaw in the handling of named pipe requests (CVE-2017-7494): when a client opens a named pipe, smbd accepts a pipe name supplied by the client, and if that name is a filesystem path, the server loads the file at that path as a shared library into its own process.

An attacker who has write access to a share can therefore upload a shared library built for the server's platform into the exported folder, then request a named pipe whose name is the server-side path of that file. smbd loads the library and its initialisation code runs with the privileges of the smbd process, usually root. The attacker needs network access to the SMB service, write access to a share, and must know or guess the absolute path of the share on the server.

An attacker can thus put a shared library into a folder exported with Samba, in order to make it run arbitrary machine code.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This weakness impacts software or systems such as Debian, Fedora, HP-UX, Junos Space, openSUSE Leap, Solaris, RHEL, Samba, Slackware, Sonus SBC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.

Our Vigil@nce team rates the severity of this vulnerability announcement as important (3/4).

Trust level: confirmed by the vendor. Attack origin: intranet client, i.e. an attacker who can reach the SMB service and write to a share.

A proof of concept or an attack tool is publicly available, so your teams have to process this alert. An attacker with beginner-level skills can exploit this vulnerability.

Solutions for this threat 

Samba: versions 4.6.4, 4.5.10 and 4.4.14.
Versions 4.6.4, 4.5.10 and 4.4.14 are fixed:
  https://download.samba.org/pub/samba/stable/samba-4.6.4.tar.gz
  https://download.samba.org/pub/samba/stable/samba-4.5.10.tar.gz
  https://download.samba.org/pub/samba/stable/samba-4.4.14.tar.gz

Samba: patch for named pipes.
A patch is indicated in information sources (or https://download.samba.org/pub/samba/patches/).
As a temporary workaround when the patch cannot be applied, the Samba project documents adding "nt pipe support = no" to the [global] section of smb.conf and restarting smbd. This prevents clients from opening any named pipe endpoint, and can therefore disable some functionality that Windows clients expect.
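The following Python script is an added example for this bulletin, not Vigil@nce or Samba project code. It checks a Samba version string (for instance the output of "smbd -V") against the upstream fixed releases listed above (4.6.4, 4.5.10, 4.4.14), and parses an smb.conf fragment to see whether the "nt pipe support = no" workaround is active in [global]. The version thresholds and the 3.5.0 lower bound are from the Samba advisory; the version-string format and the sample smb.conf are assumptions, and the smb.conf text is constructed. Vendor-suffixed builds such as "4.4.5-Ubuntu" are flagged rather than judged, because distributions backport the fix without changing the upstream version number; for those, the package versions in the vendor sections below are the authoritative check.

```python
"""Check a Samba build against CVE-2017-7494 and look for the
'nt pipe support = no' workaround in smb.conf.

Added example for this bulletin, not Vigil@nce or Samba project code.
Assumptions (not from the bulletin): version strings look like `smbd -V`
output ("Version 4.4.5-Ubuntu"); SAMPLE_SMB_CONF is a constructed config.
"""
import re
import subprocess

# Affected from 3.5.0 upwards; upstream fixed releases from the bulletin.
FIRST_AFFECTED = (3, 5, 0)
UPSTREAM_FIXED = {(4, 6): (4, 6, 4), (4, 5): (4, 5, 10), (4, 4): (4, 4, 14)}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch, suffix); suffix is the vendor tag after
    the numeric triple, e.g. '-Ubuntu', or '' for a plain upstream build."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError("no x.y.z version in %r" % text)
    major, minor, patch = (int(g) for g in m.groups())
    return major, minor, patch, text[m.end():].strip()


def upstream_status(text):
    """Classify the upstream version number only:
      not-affected : older than 3.5.0
      fixed        : at or above the branch's fixed release (or a newer branch)
      vulnerable   : 4.4/4.5/4.6 below the fixed release
      unsupported  : 3.5.x .. 4.3.x, affected and never fixed upstream
    For vendor builds the package version decides; see assess()."""
    major, minor, patch, _ = parse_version(text)
    v = (major, minor, patch)
    if v < FIRST_AFFECTED:
        return "not-affected"
    fixed = UPSTREAM_FIXED.get((major, minor))
    if fixed is None:
        return "fixed" if (major, minor) > (4, 6) else "unsupported"
    return "fixed" if v >= fixed else "vulnerable"


def nt_pipe_support_disabled(smb_conf_text):
    """True if the [global] section sets 'nt pipe support' to a false value.
    Samba ignores case and internal whitespace in parameter names, so
    'NT Pipe Support' and 'ntpipesupport' are the same key."""
    section = None
    for raw in smb_conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if re.sub(r"\s+", "", key).lower() == "ntpipesupport":
            return value.lower() in ("no", "false", "0")
    return False  # parameter defaults to 'yes': workaround not active


def assess(version_text, smb_conf_text):
    """Single verdict combining the version check and the workaround check."""
    status = upstream_status(version_text)
    if status in ("fixed", "not-affected"):
        return status
    if nt_pipe_support_disabled(smb_conf_text):
        return "mitigated"
    if parse_version(version_text)[3]:
        # Vendor build: the fix may be backported without a version bump,
        # so compare the package version with the vendor advisory instead.
        return status + "-check-vendor-package"
    return status


def local_smbd_version():
    """Output of 'smbd -V' on this host, or None if smbd is not installed."""
    try:
        return subprocess.run(["smbd", "-V"], capture_output=True,
                              text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return None


# Constructed smb.conf with the workaround applied to a writable share.
SAMPLE_SMB_CONF = """\
# constructed example, not a real configuration
[global]
   workgroup = WORKGROUP
   nt pipe support = no
[public]
   path = /srv/samba/public
   writable = yes
"""

if __name__ == "__main__":
    for v in ("Version 4.6.3", "Version 4.6.4", "Version 4.4.5-Ubuntu",
              "Version 3.4.9", "Version 4.2.10-SerNet-RedHat"):
        print("%-28s %-13s %s" % (v, upstream_status(v), assess(v, SAMPLE_SMB_CONF)))
    live = local_smbd_version()
    if live:
        print("local smbd:", live.strip(), "->", upstream_status(live))
```

Run it on a server with smbd installed to get a live verdict alongside the constructed samples. A "mitigated" result only means the stopgap is in place: the workaround disables every named pipe endpoint, which removes some functionality Windows clients expect, so the fixed package remains the real solution.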

Debian: new samba packages.
New packages are available:
  Debian 7: samba 2:3.6.6-6+deb7u13
  Debian 8: samba 2:4.2.14+dfsg-0+deb8u6

Fedora: new samba packages.
New packages are available:
  Fedora 24: samba 4.4.14-0.fc24
  Fedora 25: samba 4.5.10-0.fc25
  Fedora 26: samba 4.6.4-0.fc26

HP-UX: solution for Samba.
The solution is indicated in information sources.

Juniper Junos Space: solution.
The solution is indicated in information sources.

openSUSE Leap: new samba packages.
New packages are available:
  openSUSE Leap 42.1: samba 4.2.4-33.1
  openSUSE Leap 42.2: samba 4.4.2-11.9.1

Oracle Solaris: patch for third party software of April 2017 v3.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

RHEL 5: new samba3x packages.
New packages are available:
  RHEL 5: samba3x 3.6.23-14.el5_11

RHEL 6.9: new samba4 packages.
New packages are available:
  RHEL 6: samba4 4.2.10-10.el6_9

RHEL: new samba packages.
New packages are available:
  RHEL 7: samba 4.4.4-14.el7_3
  RHEL 7.2: samba 4.2.10-11.el7_2
  RHEL 6: samba 3.6.23-43.el6_9
  RHEL 6.7: samba 3.6.23-32.el6_7
  RHEL 6.6: samba 3.6.23-32.el6_6
  RHEL 6.5: samba 3.6.23-32.el6_5
  RHEL 6.4: samba 3.6.23-32.el6_4
  RHEL 6.2: samba 3.6.23-32.el6_2

Slackware: new samba packages.
New packages are available:
  Slackware 13.1: samba 3.5.22-*-2_slack13.1
  Slackware 13.37: samba 3.5.22-*-2_slack13.37
  Slackware 14.0: samba 4.4.14-*-1_slack14.0
  Slackware 14.1: samba 4.4.14-*-1_slack14.1
  Slackware 14.2: samba 4.4.14-*-1_slack14.2

Sonus: solution for Samba.
The solution is indicated in information sources.

SUSE LE: new samba packages.
New packages are available:
  SUSE LE 11 SP3: samba 3.6.3-93.1
  SUSE LE 11 SP4: samba 3.6.3-93.1
  SUSE LE 12 SP1: samba 4.2.4-28.14.1
  SUSE LE 12 SP2: samba 4.4.2-38.6.1

Synology DiskStation Manager: version 5.2-5967-3.
The version 5.2-5967-3 is fixed.

Synology DiskStation Manager: versions 6.1.1-4 and 6.0.3-1.
Versions 6.1.1-4 and 6.0.3-1 are fixed.

Ubuntu: new samba packages.
New packages are available:
  Ubuntu 17.04: samba 2:4.5.8+dfsg-0ubuntu0.17.04.2
  Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.6
  Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.7
  Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.8
  Ubuntu 12.04 ESM: samba 2:3.6.25-0ubuntu0.12.04.11

Wind River Linux: solution of Mid-July 2017.
The solution is indicated in information sources.

Computer vulnerabilities tracking service 

Vigil@nce provides computer security notes. The Vigil@nce vulnerability database contains several thousand vulnerabilities.