FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- multiple vulnerabilities

Affected packages
3.6.0 <= samba36 < 3.6.25_2
4.0.0 <= samba4 <= 4.0.26
4.1.0 <= samba41 < 4.1.22
4.2.0 <= samba42 < 4.2.7
4.3.0 <= samba43 < 4.3.3
1.0.0 <= ldb < 1.1.24
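The ranges above use FreeBSD port version syntax, where `_2` is a PORTREVISION suffix that sorts after the bare version. The following added checker (example code, not part of the VuXML entry or of the FreeBSD tools) parses these range lines and reports whether a given installed package version falls inside one of them. It models only the version forms that appear on this page (dotted numeric components, an optional `_N` revision and an optional `,N` epoch); it is a simplified approximation of pkg(8)'s ordering, not the real algorithm, and the `pkg info`-style lines it splits are constructed for the demonstration.

```python
import re

# Affected-package ranges copied from the advisory above.
AFFECTED = """
3.6.0 <= samba36 < 3.6.25_2
4.0.0 <= samba4 <= 4.0.26
4.1.0 <= samba41 < 4.1.22
4.2.0 <= samba42 < 4.2.7
4.3.0 <= samba43 < 4.3.3
1.0.0 <= ldb < 1.1.24
"""

# One VuXML-style range line: "<low> <= <pkg> <op> <high>".
RANGE_RE = re.compile(r"^(\S+)\s*(<=|<)\s*(\S+)\s*(<=|<)\s*(\S+)$")


def version_key(v):
    """Simplified FreeBSD port version ordering (assumption, not pkg(8)'s
    full comparison): PORTEPOCH after ',' dominates, then the dotted numeric
    components, then PORTREVISION after '_'. Non-numeric components are
    rejected rather than guessed at."""
    epoch = 0
    if "," in v:
        v, e = v.split(",", 1)
        epoch = int(e)
    rev = 0
    if "_" in v:
        v, r = v.split("_", 1)
        rev = int(r)
    parts = v.split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version component in {v!r}")
    # Pad so 4.0.26 and 4.0.26.0 compare equal instead of by tuple length.
    nums = tuple(int(p) for p in parts) + (0,) * (6 - len(parts))
    return (epoch, nums, rev)


def parse_affected(text):
    """Turn the advisory's range block into (pkg, low, low_op, high_op, high) tuples."""
    ranges = []
    for line in text.strip().splitlines():
        m = RANGE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparsed range: {line!r}")
        lo, lo_op, pkg, hi_op, hi = m.groups()
        ranges.append((pkg, lo, lo_op, hi_op, hi))
    return ranges


def is_affected(pkg, version, ranges=None):
    """True if pkg at this version lies inside any range for that package name."""
    ranges = parse_affected(AFFECTED) if ranges is None else ranges
    key = version_key(version)
    for name, lo, lo_op, hi_op, hi in ranges:
        if name != pkg:
            continue
        lo_ok = key >= version_key(lo) if lo_op == "<=" else key > version_key(lo)
        hi_ok = key <= version_key(hi) if hi_op == "<=" else key < version_key(hi)
        if lo_ok and hi_ok:
            return True
    return False


def split_pkg(name_version):
    """Split a 'name-version' string as printed by `pkg query '%n-%v'`;
    the version is everything after the last '-', since names may contain dashes."""
    name, _, version = name_version.rpartition("-")
    return name, version


def audit(pkg_lines):
    """Return the subset of installed name-version lines that this advisory covers."""
    return [line for line in pkg_lines if is_affected(*split_pkg(line))]


if __name__ == "__main__":
    # Constructed sample of `pkg query '%n-%v'` output, not real host data.
    sample = ["samba43-4.3.2", "samba43-4.3.3", "samba36-3.6.25_1",
              "samba36-3.6.25_2", "ldb-1.1.24", "openldap-client-2.4.43"]
    for line in audit(sample):
        print("affected:", line)
```

Run it as a script to list which of the constructed sample packages fall in the affected ranges; the `audit()` function takes any iterable of `name-version` lines, so feeding it real `pkg query '%n-%v'` output works the same way, with the caveat that versions containing letters (alpha, beta, rc tags) raise rather than being mis-ordered.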

Details

VuXML ID ef434839-a6a4-11e5-8275-000c292e4fd8
Discovery 2015-12-16
Entry 2015-12-19
Modified 2016-02-05

Samba team reports:

[CVE-2015-3223] Malicious request can cause Samba LDAP server to hang, spinning using CPU.

[CVE-2015-5330] Malicious request can cause Samba LDAP server to return uninitialized memory that should not be part of the reply.

[CVE-2015-5296] Requesting encryption should also request signing when setting up the connection to protect against man-in-the-middle attacks.

[CVE-2015-5299] A missing access control check in the VFS shadow_copy2 module could allow unauthorized users to access snapshots.

[CVE-2015-7540] Malicious request can cause Samba LDAP server to crash.

[CVE-2015-8467] Samba can expose Windows DCs to MS15-096 Denial of service via the creation of multiple machine accounts (the Microsoft issue is CVE-2015-2535).

[CVE-2015-5252] Insufficient symlink verification could allow data access outside share path.

References

CVE Name CVE-2015-3223
CVE Name CVE-2015-5252
CVE Name CVE-2015-5296
CVE Name CVE-2015-5299
CVE Name CVE-2015-5330
CVE Name CVE-2015-7540
CVE Name CVE-2015-8467
URL https://www.samba.org/samba/security/CVE-2015-3223.html
URL https://www.samba.org/samba/security/CVE-2015-5252.html
URL https://www.samba.org/samba/security/CVE-2015-5296.html
URL https://www.samba.org/samba/security/CVE-2015-5299.html
URL https://www.samba.org/samba/security/CVE-2015-5330.html
URL https://www.samba.org/samba/security/CVE-2015-7540.html
URL https://www.samba.org/samba/security/CVE-2015-8467.html