漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that the ndr_pull_dnsp_nam function in Samba contained an integer overflow.
It was discovered that Samba clients always requested a forwardable ticket when using Kerberos authentication.
It was discovered that Kerberos PAC validation implementation in Samba contained multiple vulnerabilities.
漏洞危害
An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-2123)
An attacker could use this to impersonate an authenticated user or service. (CVE-2016-2125)
An authenticated attacker could use this to cause a denial of service or gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-2126)
解决方案
Refer to Ubuntu advisory USN-3158-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3158-1: 16.10 (Yakkety) on src (winbind)
USN-3158-1: 16.04 (Xenial) on src (winbind)
USN-3158-1: 16.04 (Xenial) on src (samba)
USN-3158-1: 12.04 (Precise) on src (samba)
USN-3158-1: 14.04 (Kylin) on src (libsmbclient)
USN-3158-1: 16.10 (Yakkety) on src (samba)
USN-3158-1: 16.10 (Yakkety) on src (libsmbclient)
USN-3158-1: 14.04 (Kylin) on src (winbind)
USN-3158-1: 14.04 (Kylin) on src (samba)
0day
文章评论