Уязвимость CVE-2017-12163: Информация
Описание
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
Важность: HIGH (7,1) Вектор: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Исправленные пакеты
Имя пакета | Ветка | Исправлено в версии | Версия в репозитории | Errata ID | № Задания | Состояние |
---|---|---|---|---|---|---|
samba | sisyphus | 4.6.8-alt1.S1 | 4.19.6-alt1 | ALT-PU-2017-2287-1 | 188537 | Исправлено |
samba | p10 | 4.6.8-alt1.S1 | 4.19.6-alt1 | ALT-PU-2017-2287-1 | 188537 | Исправлено |
samba | p9 | 4.6.8-alt1.S1 | 4.14.10-alt2 | ALT-PU-2017-2287-1 | 188537 | Исправлено |
samba | p8 | 4.6.8-alt1.M80P.1 | 4.9.18-alt1 | ALT-PU-2017-2292-1 | 188486 | Исправлено |
samba | c10f1 | 4.6.8-alt1.S1 | 4.16.11-alt2 | ALT-PU-2017-2287-1 | 188537 | Исправлено |
samba | c9f2 | 4.6.8-alt1.S1 | 4.14.14-alt0.c9.1 | ALT-PU-2017-2287-1 | 188537 | Исправлено |
samba | c7 | 4.6.14-alt1.M70C.1.1 | 4.6.15-alt1.M70C.1 | ALT-PU-2018-1440-1 | 202075 | Исправлено |
samba-DC | p8 | 4.6.8-alt1.M80P.1 | 4.9.18-alt1 | ALT-PU-2017-2293-1 | 188486 | Исправлено |
samba-DC | c7 | 4.6.14-alt1.M70C.1.1 | 4.6.15-alt1.M70C.1 | ALT-PU-2018-1441-1 | 202075 | Исправлено |
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
https://www.samba.org/samba/security/CVE-2017-12163.html |
|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163 |
|
https://www.synology.com/support/security/Synology_SA_17_57_Samba |
|
DSA-3983 |
|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us |
|
https://security.netapp.com/advisory/ntap-20170921-0001/ |
|
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us |
|
RHSA-2017:2858 |
|
RHSA-2017:2791 |
|
RHSA-2017:2790 |
|
RHSA-2017:2789 |
|
1039401 |
|
100925 |
|