[3.2] samba: Several vulnerabilities (CVE-2016-2123, CVE-2016-2125, CVE-2016-2126)

CVE-2016-2123: NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
Affected versions: Samba 4.0.0 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2123.html
https://www.samba.org/samba/history/security.html

CVE-2016-2125: Unconditional privilege delegation to Kerberos servers in trusted realms
Affected versions: Samba 3.0.25 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2125.html
https://www.samba.org/samba/history/security.html

CVE-2016-2126: Flaws in Kerberos PAC validation can trigger privilege elevation.
Affected versions: Samba 4.0.0 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2126.html
https://www.samba.org/samba/history/security.html

(from redmine: issue id 6561, created on 2016-12-20, closed on 2017-01-03)
- Relations:
  - parent #6558 (closed)
- Changesets:
  - Revision 3dfb0761 by Sergei Lukin on 2017-01-03T09:38:49Z:
    main/samba: security fixes #6561
    CVE-2016-2123: NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
    https://www.samba.org/samba/security/CVE-2016-2123.html
    CVE-2016-2125: Unconditional privilege delegation to Kerberos servers in trusted realms
    https://www.samba.org/samba/security/CVE-2016-2125.html
    CVE-2016-2126: Flaws in Kerberos PAC validation can trigger privilege elevation
    https://www.samba.org/samba/security/CVE-2016-2126.html
    https://www.samba.org/samba/history/security.html