Security Advisory Moderate: samba security update

Advisory: RHSA-2014:0305-1
Type: Security Advisory
Severity: Moderate
Issued on: 2014-03-17
Last updated on: 2014-03-17
Affected Products: RHEL Desktop Workstation (v. 5 client)
                   Red Hat Enterprise Linux (v. 5 server)
                   Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2013-0213
                      CVE-2013-0214
                      CVE-2013-4124

Details

Updated samba packages that fix three security issues are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

It was discovered that the Samba Web Administration Tool (SWAT) did not
protect against being opened in a web page frame. A remote attacker could
possibly use this flaw to conduct a clickjacking attack against SWAT users
or users with an active SWAT session. (CVE-2013-0213)

A flaw was found in the Cross-Site Request Forgery (CSRF) protection
mechanism implemented in SWAT. An attacker with the knowledge of a victim's
password could use this flaw to bypass CSRF protections and conduct a CSRF
attack against the victim SWAT user. (CVE-2013-0214)

An integer overflow flaw was found in the way Samba handled an Extended
Attribute (EA) list provided by a client. A malicious client could send a
specially crafted EA list that triggered an overflow, causing the server to
loop and reprocess the list using an excessive amount of memory.
(CVE-2013-4124)

Note: CVE-2013-4124 did not affect the default configuration of the Samba
server.
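The EA list described above is a chain of FEA entries, each carrying a next-entry offset and name/value lengths that the client controls. The walker below is an added illustration (not Samba's code and not the backported patch) of the defensive shape such a parser needs: every length and offset is checked against the bytes that actually remain before it is used, so a crafted next-entry offset can neither wrap the running offset nor send the loop back over bytes it already processed. The FEA layout (uint32 next_entry_offset, uint8 flags, uint8 name_len, uint16 value_len, name, NUL, value) is the standard SMB structure; the sample byte strings are constructed here, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>

/* One SMB FEA entry as carried in an NT_TRANSACT EA list (illustrative parser,
 * not Samba's code):
 *   uint32 next_entry_offset | uint8 flags | uint8 name_len | uint16 value_len
 *   | name | NUL | value
 */
#define FEA_HDR 8

static uint32_t le32(const uint8_t *p) {
    return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Walk an EA list and return the number of well-formed entries, or -1 for a
 * malformed list. Each check compares against the bytes that remain, so no
 * arithmetic on client-supplied values can wrap. */
int count_ea_entries(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int n = 0;
    if (len == 0) return 0;                 /* empty list */
    for (;;) {
        if (len - off < FEA_HDR) return -1; /* a promised entry does not fit (off <= len here) */
        uint32_t next = le32(buf + off);
        size_t need = FEA_HDR + buf[off + 5] + 1 + (buf[off + 6] | (buf[off + 7] << 8));
        if (need > len - off) return -1;    /* name or value runs past the buffer */
        n++;
        if (next == 0) return n;            /* last entry */
        if (next < need) return -1;         /* next entry overlaps this one: would re-walk bytes */
        if (next > len - off) return -1;    /* past the end; rejected before off += next could wrap */
        off += next;
    }
}

/* Constructed samples (not captured traffic). */
static const uint8_t good[] = {
    16,0,0,0, 0, 6, 1,0, 'u','s','e','r','.','a', 0, 'x',        /* entry 1, next at +16 */
    0,0,0,0,  0, 6, 2,0, 'u','s','e','r','.','b', 0, 'y','z' };  /* entry 2, last */
static const uint8_t wrap[] = {
    16,0,0,0, 0, 6, 1,0, 'u','s','e','r','.','a', 0, 'x',
    0xf0,0xff,0xff,0xff, 0, 6, 2,0, 'u','s','e','r','.','b', 0, 'y','z' }; /* 16 + 0xfffffff0 wraps to 0 in 32 bits */
static const uint8_t truncated[] = {
    0,0,0,0, 0, 6, 100,0, 'u','s','e','r','.','a', 0, 'x' };     /* value_len 100, one byte present */

int demo_good(void)      { return count_ea_entries(good, sizeof good); }
int demo_wrap(void)      { return count_ea_entries(wrap, sizeof wrap); }
int demo_truncated(void) { return count_ea_entries(truncated, sizeof truncated); }
```

The second sample is the shape of input the advisory describes: an unchecked `off += next` on a 32-bit offset would land back at the start of the list and the server would process it again.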

Red Hat would like to thank the Samba project for reporting CVE-2013-0213
and CVE-2013-0214. Upstream acknowledges Jann Horn as the original reporter
of CVE-2013-0213 and CVE-2013-0214.

All users of Samba are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages


Bugs fixed (see bugzilla for more information)

905700 - CVE-2013-0213 samba: clickjacking vulnerability in SWAT
905704 - CVE-2013-0214 samba: cross-site request forgery vulnerability in SWAT
984401 - CVE-2013-4124 samba: DoS via integer overflow when reading an EA list


References

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/