Issued:: 2014-03-17
Updated:: 2014-03-17

RHSA-2014:0305 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: samba security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated samba packages that fix three security issues are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

It was discovered that the Samba Web Administration Tool (SWAT) did not
protect against being opened in a web page frame. A remote attacker could
possibly use this flaw to conduct a clickjacking attack against SWAT users
or users with an active SWAT session. (CVE-2013-0213)

A flaw was found in the Cross-Site Request Forgery (CSRF) protection
mechanism implemented in SWAT. An attacker with the knowledge of a victim's
password could use this flaw to bypass CSRF protections and conduct a CSRF
attack against the victim SWAT user. (CVE-2013-0214)

An integer overflow flaw was found in the way Samba handled an Extended
Attribute (EA) list provided by a client. A malicious client could send a
specially crafted EA list that triggered an overflow, causing the server to
loop and reprocess the list using an excessive amount of memory.
(CVE-2013-4124)

Note: This issue did not affect the default configuration of the Samba
server.

Red Hat would like to thank the Samba project for reporting CVE-2013-0213
and CVE-2013-0214. Upstream acknowledges Jann Horn as the original reporter
of CVE-2013-0213 and CVE-2013-0214.

All users of Samba are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 905700 - CVE-2013-0213 samba: clickjacking vulnerability in SWAT
BZ - 905704 - CVE-2013-0214 samba: cross-site request forgery vulnerability in SWAT
BZ - 984401 - CVE-2013-4124 samba: DoS via integer overflow when reading an EA list

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
x86_64
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 01087b6e9f35917c1613b84981f0ab0eb498036e7d0f4cc64478f7b48b3d7469
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
libsmbclient-devel-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: e290bf418a536004838ecd218336b39204b1e5ce353d07aa494ec41720e77a48
samba-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 50f0bf9a052c7dbce5b81748cbdbedd4ef6ed9d1c36e2213033e3470217e62da
samba-client-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: f22f50b3b8861f48360ed52845b8c659453953e82a75181d901cdbfe72fdfadd
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-common-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: afc070d0e00fb853d8431dd8d28cf715323afcf47f7de949d83b963c2141fce5
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: cd8bf365af199c4455a6ceb797048cdce217c69ef9e0c0332ae20bb2597b9327
samba-swat-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: c7271be3623b084116de005564c154e0f66c493f6fa4c805aa4805e87109def7
ia64
libsmbclient-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: 69f2dc7b309c1571c6e017187c1a8e87124648c7d36235f22acd67b3fbc2700b
libsmbclient-devel-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: 47e5491d6119ddc8e7e6ab010ea00cfb071a35e74b390fd84a4414beefbe3896
samba-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: 41dd8c29765e59ced009fc9be4d6feea6414254014befad182bef8a35b7f6203
samba-client-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: 9ca2c026ed825452cbbefd90fabf6bbed0ecc6fa63f711f480fe355a0ff49c4b
samba-common-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: 24d2ada4e86be723d2a9d7516f65b06d70fe56b248e4d8c7a29ecbe25e9344cb
samba-debuginfo-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: b6e991ee40c4c6c371dfee7a58288a4d46186108495104d2b0b4ad1568ea1a8f
samba-swat-3.0.33-3.40.el5_10.ia64.rpm	SHA-256: d35f26b445d5b0777e00c60e5632b9fb231e1df67755cd664b18b42018e12392
i386
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
samba-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 3ac43a3222df2548e29f75ac7a2f99bedddd7807c8338716122e0f66abeb0ecf
samba-client-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 9a153c8b6d9c04bd31497f933da9663b70014aa86fae958162df9800c869c4f2
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-swat-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 48cc9df271a827a54d88a7c363d4b3aa89356d04db00cdcb5e411268a0e4f8e8

Red Hat Enterprise Linux Workstation 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
x86_64
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 01087b6e9f35917c1613b84981f0ab0eb498036e7d0f4cc64478f7b48b3d7469
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
libsmbclient-devel-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: e290bf418a536004838ecd218336b39204b1e5ce353d07aa494ec41720e77a48
samba-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 50f0bf9a052c7dbce5b81748cbdbedd4ef6ed9d1c36e2213033e3470217e62da
samba-client-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: f22f50b3b8861f48360ed52845b8c659453953e82a75181d901cdbfe72fdfadd
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-common-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: afc070d0e00fb853d8431dd8d28cf715323afcf47f7de949d83b963c2141fce5
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: cd8bf365af199c4455a6ceb797048cdce217c69ef9e0c0332ae20bb2597b9327
samba-debuginfo-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: cd8bf365af199c4455a6ceb797048cdce217c69ef9e0c0332ae20bb2597b9327
samba-swat-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: c7271be3623b084116de005564c154e0f66c493f6fa4c805aa4805e87109def7
i386
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
samba-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 3ac43a3222df2548e29f75ac7a2f99bedddd7807c8338716122e0f66abeb0ecf
samba-client-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 9a153c8b6d9c04bd31497f933da9663b70014aa86fae958162df9800c869c4f2
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-swat-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 48cc9df271a827a54d88a7c363d4b3aa89356d04db00cdcb5e411268a0e4f8e8

Red Hat Enterprise Linux Desktop 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
x86_64
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 01087b6e9f35917c1613b84981f0ab0eb498036e7d0f4cc64478f7b48b3d7469
samba-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 50f0bf9a052c7dbce5b81748cbdbedd4ef6ed9d1c36e2213033e3470217e62da
samba-client-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: f22f50b3b8861f48360ed52845b8c659453953e82a75181d901cdbfe72fdfadd
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-common-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: afc070d0e00fb853d8431dd8d28cf715323afcf47f7de949d83b963c2141fce5
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: cd8bf365af199c4455a6ceb797048cdce217c69ef9e0c0332ae20bb2597b9327
samba-swat-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: c7271be3623b084116de005564c154e0f66c493f6fa4c805aa4805e87109def7
i386
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
samba-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 3ac43a3222df2548e29f75ac7a2f99bedddd7807c8338716122e0f66abeb0ecf
samba-client-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 9a153c8b6d9c04bd31497f933da9663b70014aa86fae958162df9800c869c4f2
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-swat-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 48cc9df271a827a54d88a7c363d4b3aa89356d04db00cdcb5e411268a0e4f8e8

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
s390x
libsmbclient-3.0.33-3.40.el5_10.s390.rpm	SHA-256: d9a39be4921a157a352321264c52ce35bb0ed9a8b69f45abaff4723cfef3d236
libsmbclient-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: 8b5d27495d80046202a3c58f4bb2ded470ad7a3e65dca30f63e8d6df832f23f5
libsmbclient-devel-3.0.33-3.40.el5_10.s390.rpm	SHA-256: 184de48b8cbfa72c7e7c8b93054d09461159f2b114eed30106fb554137cb3436
libsmbclient-devel-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: 7bd207e5cbf92e2477c1749ad3edc8fd6b1e971a0f1e6261e087ec0c7f6d3017
samba-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: b8fc2efe7ec2329b4b84449cbd60ec8be6646bb6e56b8c0068ef239487b37547
samba-client-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: 9f66956edc3393301ac71c0264f8b3453c61ec9d846db65a3523479649c06a60
samba-common-3.0.33-3.40.el5_10.s390.rpm	SHA-256: 19d95a24a49d25f202a9655399b9e7266b0d97e9a729c297c1b7f788fdd54c96
samba-common-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: 4875d4eacad3f29b0e96490d8efe5b4bf06fe83ef08035c06a1a6f415f2d2709
samba-debuginfo-3.0.33-3.40.el5_10.s390.rpm	SHA-256: 877430371d5ff0743d8147c1d33f9a18eb851a4db1a1ceaff8dd74701b9b5c36
samba-debuginfo-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: 5e7e0aa5e7dfbf70c5079dc92bec8cda05f01d450c72e5fa80958163d7d1528e
samba-swat-3.0.33-3.40.el5_10.s390x.rpm	SHA-256: a79efd8408d8ee986e3856c95074b9e1d413492c2b90df0cd02e710689b0cbcc

Red Hat Enterprise Linux for Power, big endian 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
ppc
libsmbclient-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: 2d9cf804c25946968caa3911c41ee31e6bbbd547253ef382b32b1234a72a1754
libsmbclient-3.0.33-3.40.el5_10.ppc64.rpm	SHA-256: fe75b7f7864ee452998ee983940e82943b56e358fdc4e1b67af6dc70d2e88c25
libsmbclient-devel-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: abf74ef55f43125595c0738f85c7d68e7673311164fadfbbe83b09262840137b
libsmbclient-devel-3.0.33-3.40.el5_10.ppc64.rpm	SHA-256: 97f6199f2bb57a51f96a7ab8523fc7b96c6557ef9ee464733a1938bade90fac4
samba-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: e5006fd17f9d09f3028c2686cd85437d57dce7d47516ab0794372f80709e584a
samba-client-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: 056976c1d4bba6c4bc04812c667d337bc968d54580fef79d8c64ed2248fe06fe
samba-common-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: e15dcb37245113dfc5784c3c425a1158d31c13869eb6378831dc69720c2a1963
samba-common-3.0.33-3.40.el5_10.ppc64.rpm	SHA-256: b5931867c39b94556cf5f73d11641c3651e67750c2db3b6d86a6febdd9faa680
samba-debuginfo-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: f2908fc4254d543ed459322029f9e84cfe4099b54744359338fbdf5b74ac74ea
samba-debuginfo-3.0.33-3.40.el5_10.ppc64.rpm	SHA-256: 646eba6fed753cb43b47c5b36e8381306a5d4b5f6dd4b082d87209f23f7c20a6
samba-swat-3.0.33-3.40.el5_10.ppc.rpm	SHA-256: 4e0542656fa3d7972a9c64557524d4951a3d67eadd280f8cb27c6a3949e6557a

Red Hat Enterprise Linux Server from RHUI 5

SRPM
samba-3.0.33-3.40.el5_10.src.rpm	SHA-256: 3cf624e5809e6052a440d2c3c3b7171fd6f474289b8d8c9a3f208c4ac2e8a499
x86_64
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 01087b6e9f35917c1613b84981f0ab0eb498036e7d0f4cc64478f7b48b3d7469
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
libsmbclient-devel-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: e290bf418a536004838ecd218336b39204b1e5ce353d07aa494ec41720e77a48
samba-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: 50f0bf9a052c7dbce5b81748cbdbedd4ef6ed9d1c36e2213033e3470217e62da
samba-client-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: f22f50b3b8861f48360ed52845b8c659453953e82a75181d901cdbfe72fdfadd
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-common-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: afc070d0e00fb853d8431dd8d28cf715323afcf47f7de949d83b963c2141fce5
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-debuginfo-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: cd8bf365af199c4455a6ceb797048cdce217c69ef9e0c0332ae20bb2597b9327
samba-swat-3.0.33-3.40.el5_10.x86_64.rpm	SHA-256: c7271be3623b084116de005564c154e0f66c493f6fa4c805aa4805e87109def7
i386
libsmbclient-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 0bfe6845dac6f19cc443099a0c1a8e5e1fe6e95c0b0d74ab7765264dc209e1cb
libsmbclient-devel-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 77048125b45a843aafadab82aae5b8d9a6fc53631179c33c6ad0b56592ef95eb
samba-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 3ac43a3222df2548e29f75ac7a2f99bedddd7807c8338716122e0f66abeb0ecf
samba-client-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 9a153c8b6d9c04bd31497f933da9663b70014aa86fae958162df9800c869c4f2
samba-common-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 858589220a58264f8c34855c850d0a6b0baac13d20e434b3cebbb3de64af376d
samba-debuginfo-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 4e42174b762a63ee28c0fe0b2217c3d16a7170ff225ea37fb032e860be588878
samba-swat-3.0.33-3.40.el5_10.i386.rpm	SHA-256: 48cc9df271a827a54d88a7c363d4b3aa89356d04db00cdcb5e411268a0e4f8e8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation