Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba regression (USN-2855-2)

Ubuntu Security Notice (C) 2016 Canonical, Inc. / NASL script (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for
CVE-2015-5252 introduced a regression in certain specific
environments. This update fixes the problem.

Thilo Uttendorfer discovered that the Samba LDAP server incorrectly
handled certain packets. A remote attacker could use this issue to
cause the LDAP server to stop responding, resulting in a denial of
service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and
Ubuntu 15.10. (CVE-2015-3223)

Jan Kasprzak discovered that Samba incorrectly handled
certain symlinks. A remote attacker could use this issue to
access files outside the exported share path.
(CVE-2015-5252)

Stefan Metzmacher discovered that Samba did not enforce
signing when creating encrypted connections. If a remote
attacker were able to perform a man-in-the-middle attack,
this flaw could be exploited to view sensitive information.
(CVE-2015-5296)

It was discovered that Samba incorrectly performed access
control when using the VFS shadow_copy2 module. A remote
attacker could use this issue to access snapshots, contrary
to intended permissions. (CVE-2015-5299)

Douglas Bagnall discovered that Samba incorrectly handled
certain string lengths. A remote attacker could use this
issue to possibly access sensitive information.
(CVE-2015-5330)

It was discovered that the Samba LDAP server incorrectly
handled certain packets. A remote attacker could use this
issue to cause the LDAP server to stop responding, resulting
in a denial of service. This issue only affected Ubuntu
14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-7540)

Andrew Bartlett discovered that Samba incorrectly checked
administrative privileges during creation of machine
accounts. A remote attacker could possibly use this issue to
bypass intended access restrictions in certain environments.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and
Ubuntu 15.10. (CVE-2015-8467).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected samba package.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 4.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 88804 ()

Bugtraq ID:

CVE ID: CVE-2015-3223
CVE-2015-5252
CVE-2015-5296
CVE-2015-5299
CVE-2015-5330
CVE-2015-7540
CVE-2015-8467

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now