[3.3] samba: Several vulnerabilities (CVE-2016-2123, CVE-2016-2125, CVE-2016-2126)
CVE-2016-2123: NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
Affected versions: Samba 4.0.0 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2123.html
https://www.samba.org/samba/history/security.html
CVE-2016-2125: Unconditional privilege delegation to Kerberos servers in trusted realms
Affected versions: Samba 3.0.25 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2125.html
https://www.samba.org/samba/history/security.html
CVE-2016-2126: Flaws in Kerberos PAC validation can trigger privilege elevation.
Affected versions: Samba 4.0.0 to 4.5.2
Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13
References:
https://www.samba.org/samba/security/CVE-2016-2126.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 6560, created on 2016-12-20, closed on 2017-01-03)
- Relations:
- parent #6558 (closed)
- Changesets:
- Revision 70271759 by Sergei Lukin on 2017-01-03T09:00:47Z:
main/samba: security fixes #6560
CVE-2016-2123: NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://www.samba.org/samba/security/CVE-2016-2123.html
CVE-2016-2125: Unconditional privilege delegation to Kerberos servers in trusted realms
https://www.samba.org/samba/security/CVE-2016-2125.html
CVE-2016-2126: Flaws in Kerberos PAC validation can trigger privilege elevation
https://www.samba.org/samba/security/CVE-2016-2126.html
https://www.samba.org/samba/history/security.html