[GLSA-201805-07] Samba: Multiple vulnerabilities
Severity
Normal
Affected Packages
1
Unaffected Packages
1
CVEs
6
Multiple vulnerabilities have been found in Samba, the worst of which may allow remote execution of arbitrary code.
Background
Samba is a suite of SMB and CIFS client/server programs.
Description
Multiple vulnerabilities have been discovered in Samba. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code, cause a Denial
of Service condition, conduct a man-in-the-middle attack, or obtain
sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All Samba users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/samba-4.5.16"
Package | Affected Version |
---|---|
pkg:ebuild/net-fs/samba?distro=gentoo | < 4.5.16 |
Package | Unaffected Version |
---|---|
pkg:ebuild/net-fs/samba?distro=gentoo | >= 4.5.16 |
- ID
- GLSA-201805-07
- Severity
- normal
- URL
- https://security.gentoo.org/glsa/201805-07
- Published
-
2018-05-22T00:00:00
(6 years ago) - Modified
-
2018-05-22T00:00:00
(6 years ago) - Rights
- Gentoo Foundation, Inc.
- Other Advisories
-
- ALAS-2016-732
- ALAS-2017-834
- ALAS-2017-933
- ALAS-2018-1126
- ALAS2-2018-1126
- ALPINE:CVE-2017-14746
- ALPINE:CVE-2017-15275
- ALPINE:CVE-2017-7494
- ALPINE:CVE-2018-1050
- ALPINE:CVE-2018-1057
- ASA-201705-22
- ASA-201712-1
- ASA-201803-10
- CISA-2023:0330
- CISCO-SA-20170530-SAMBA
- DSA-3740-1
- DSA-3860-1
- DSA-4043-1
- DSA-4135-1
- ELSA-2016-1486
- ELSA-2016-1487
- ELSA-2017-1270
- ELSA-2017-1271
- ELSA-2017-1272
- ELSA-2017-3260
- ELSA-2017-3278
- ELSA-2018-1860
- ELSA-2018-1883
- ELSA-2018-3056
- FEDORA-2016-0acec022f4
- FEDORA-2016-48b53757a9
- FEDORA-2017-366046c758
- FEDORA-2017-570c0071c4
- FEDORA-2017-642a0eca75
- FEDORA-2017-791c5d52be
- FEDORA-2017-c729c6123c
- FEDORA-2018-7d0acd608b
- FEDORA-2018-8e4d871867
- FEDORA-2018-bc22d6c7bc
- FEDORA-2018-c2a93f8e1b
- FEDORA-2018-c5c651ac44
- FEDORA-2019-019c5314a0
- FREEBSD:4729C849-4897-11E6-B704-000C292E4FD8
- FREEBSD:6F4D96C0-4062-11E7-B291-B499BAEBFEAF
- FREEBSD:FB26F78A-26A9-11E8-A1C2-00505689D4AE
- RHSA-2016:1486
- RHSA-2016:1487
- RHSA-2017:1270
- RHSA-2017:1271
- RHSA-2017:3260
- RHSA-2017:3278
- RHSA-2018:1860
- RHSA-2018:1883
- RHSA-2018:3056
- SSA:2016-189-01
- SSA:2017-144-01
- SSA:2017-332-01
- SSA:2018-072-02
- SUSE-SU-2016:2306-1
- SUSE-SU-2016:2570-1
- SUSE-SU-2017:1391-1
- SUSE-SU-2017:1392-1
- SUSE-SU-2017:1393-1
- SUSE-SU-2017:1396-1
- SUSE-SU-2017:3086-1
- SUSE-SU-2017:3104-1
- SUSE-SU-2017:3155-1
- SUSE-SU-2018:0018-1
- SUSE-SU-2018:0754-1
- SUSE-SU-2018:0774-1
- SUSE-SU-2018:0832-1
- SUSE-SU-2018:1687-1
- SUSE-SU-2018:2321-1
- SUSE-SU-2018:2339-1
- SUSE-SU-2018:2339-2
- USN-3092-1
- USN-3296-1
- USN-3296-2
- USN-3486-1
- USN-3486-2
- USN-3595-1
- USN-3595-2
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2016-2119 | CVE-2016-2119 | https://nvd.nist.gov/vuln/detail/CVE-2016-2119 |
CVE | CVE-2017-14746 | CVE-2017-14746 | https://nvd.nist.gov/vuln/detail/CVE-2017-14746 |
CVE | CVE-2017-15275 | CVE-2017-15275 | https://nvd.nist.gov/vuln/detail/CVE-2017-15275 |
CVE | CVE-2017-7494 | CVE-2017-7494 | https://nvd.nist.gov/vuln/detail/CVE-2017-7494 |
CVE | CVE-2018-1050 | CVE-2018-1050 | https://nvd.nist.gov/vuln/detail/CVE-2018-1050 |
CVE | CVE-2018-1057 | CVE-2018-1057 | https://nvd.nist.gov/vuln/detail/CVE-2018-1057 |
Bugzilla | 588262 | Bugzilla #588262 | https://bugs.gentoo.org/show_bug.cgi?id=588262 |
Bugzilla | 619516 | Bugzilla #619516 | https://bugs.gentoo.org/show_bug.cgi?id=619516 |
Bugzilla | 639024 | Bugzilla #639024 | https://bugs.gentoo.org/show_bug.cgi?id=639024 |
Bugzilla | 650382 | Bugzilla #650382 | https://bugs.gentoo.org/show_bug.cgi?id=650382 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |