exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2015-081

Mandriva Linux Security Advisory 2015-081
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-081 - An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user).

tags | advisory, arbitrary, root, code execution
systems | linux, mandriva
advisories | CVE-2015-0240
SHA-256 | fa2365b1ed1e17c66739c446a1c933e66dcd0dca5792983245ef2a8408c4c002

Mandriva Linux Security Advisory 2015-081

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:081
https://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : samba
Date : March 28, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated samba packages fix security vulnerabilities:

An uninitialized pointer use flaw was found in the Samba daemon
(smbd). A malicious Samba client could send specially crafted netlogon
packets that, when processed by smbd, could potentially lead to
arbitrary code execution with the privileges of the user running smbd
(by default, the root user) (CVE-2015-0240).
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240
https://advisories.mageia.org/MGASA-2015-0084.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
4ac8f8f9652ad4ca155e19153c6899c8 mbs1/x86_64/lib64netapi0-3.6.25-1.mbs1.x86_64.rpm
70811f103aaf352706212264cd1bdd07 mbs1/x86_64/lib64netapi-devel-3.6.25-1.mbs1.x86_64.rpm
124038bf590e4b24d44032ff319877cb mbs1/x86_64/lib64smbclient0-3.6.25-1.mbs1.x86_64.rpm
8654538cb5fe0ec9f4e1f843b48bfe3e mbs1/x86_64/lib64smbclient0-devel-3.6.25-1.mbs1.x86_64.rpm
0a0b66090334e58925651eaf5a93db4b mbs1/x86_64/lib64smbclient0-static-devel-3.6.25-1.mbs1.x86_64.rpm
af20d1ba0b94c53e49dcd62e9dc2862b mbs1/x86_64/lib64smbsharemodes0-3.6.25-1.mbs1.x86_64.rpm
5e52b9faf84405b9082073077e573b2c mbs1/x86_64/lib64smbsharemodes-devel-3.6.25-1.mbs1.x86_64.rpm
46a0608a84712e469dd32918391e8c3d mbs1/x86_64/lib64wbclient0-3.6.25-1.mbs1.x86_64.rpm
b9244f130c1bdfc160d3d720088e38ba mbs1/x86_64/lib64wbclient-devel-3.6.25-1.mbs1.x86_64.rpm
c715497f62eeeafa889ff7471c79bdfc mbs1/x86_64/nss_wins-3.6.25-1.mbs1.x86_64.rpm
d22d02173ec97c95eb7328024b9e82ee mbs1/x86_64/samba-client-3.6.25-1.mbs1.x86_64.rpm
00bd57d9b85d09366628b1f46505bd85 mbs1/x86_64/samba-common-3.6.25-1.mbs1.x86_64.rpm
9d4637b0de9d912bcd5506fed360d0a2 mbs1/x86_64/samba-doc-3.6.25-1.mbs1.noarch.rpm
7d7f6be0de70100422674ae8cf5172a5 mbs1/x86_64/samba-domainjoin-gui-3.6.25-1.mbs1.x86_64.rpm
55ea454169eb18e357a656872b9b6254 mbs1/x86_64/samba-server-3.6.25-1.mbs1.x86_64.rpm
8ee941751deb9362569b7d6396747408 mbs1/x86_64/samba-swat-3.6.25-1.mbs1.x86_64.rpm
05f58113d2b78614278ee9698d297e49 mbs1/x86_64/samba-virusfilter-clamav-3.6.25-1.mbs1.x86_64.rpm
c8ed9bb7d1636d82ca1aad0100d058a4 mbs1/x86_64/samba-virusfilter-fsecure-3.6.25-1.mbs1.x86_64.rpm
658617b2a62a7aba97bba8a0b81e2962 mbs1/x86_64/samba-virusfilter-sophos-3.6.25-1.mbs1.x86_64.rpm
c8071cdc97727ad4749c522f8eb7e1ba mbs1/x86_64/samba-winbind-3.6.25-1.mbs1.x86_64.rpm
ee22c6311d482ec4a8358d2d4a2a48e0 mbs1/SRPMS/samba-3.6.25-1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVFlNBmqjQ0CJFipgRAne5AJ4l/PaNKpbcDYC6cDmOgUTaiaedoACgm+Bk
2v2AIePJXBUsvmVJ9qs7z0M=
=ZeNI
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close