Synopsis

Important: samba security update

Type/Severity

Security Advisory: Important

Topic

An update for samba is now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

[Updated 14 April 2016]
This advisory previously incorrectly listed the CVE-2016-2112 issue as addressed
by this update. However, this issue did not affect the samba packages on Red Hat
Enterprise Linux 5. The CVE-2016-2115 was also incorrectly listed as addressed
by this update. This issue does affect the samba packages on Red Hat Enterprise
Linux 5. Customers are advised to use the "client signing = required"
configuration option in the smb.conf file to mitigate CVE-2016-2115. No changes
have been made to the packages.

Description

Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

• A protocol flaw, publicly referred to as Badlock, was found in the Security
  Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority
  (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection
  that a client initiates against a server could be used by a man-in-the-middle
  attacker to impersonate the authenticated user against the SAMR or LSA service
  on the server. As a result, the attacker would be able to get read/write access
  to the Security Account Manager database, and use this to reveal all passwords
  or any other potentially sensitive information in that database. (CVE-2016-2118)
  
• Several flaws were found in Samba's implementation of NTLMSSP authentication.
  An unauthenticated, man-in-the-middle attacker could use this flaw to clear the
  encryption and integrity flags of a connection, causing data to be transmitted
  in plain text. The attacker could also force the client or server into sending
  data in plain text even if encryption was explicitly requested for that
  connection. (CVE-2016-2110)
  
• It was discovered that Samba configured as a Domain Controller would establish
  a secure communication channel with a machine using a spoofed computer name. A
  remote attacker able to observe network traffic could use this flaw to obtain
  session-related information about the spoofed machine. (CVE-2016-2111)
  

Red Hat would like to thank the Samba project for reporting these issues.
Upstream acknowledges Stefan Metzmacher (SerNet) as the original reporter of
CVE-2016-2118 and CVE-2016-2110.

Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 1311893 - CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
• BZ - 1311902 - CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
• BZ - 1317990 - CVE-2016-2118 samba: SAMR and LSA man in the middle attacks

CVEs

• CVE-2016-2118
• CVE-2016-2111
• CVE-2016-2110

References

• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/security/vulnerabilities/badlock
• https://access.redhat.com/articles/2253041
• http://badlock.org/
• https://access.redhat.com/articles/2243351

Red Hat Enterprise Linux Server 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
x86_64
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: add4d235c0b6399eeff319e63df058d129b5239e1810b1480e20963952d27152
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
libsmbclient-devel-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80b4f335ff524e255578f3cdf57590fa090bc8657a03be723042d47505590790
samba-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 1619806f615cdee0da6e641f24c2b14c1d3c19659f50afe69698ebe22365fc13
samba-client-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: a3957350f65d6f59556d7dd30ce4ef48228b2497eb9c8c820399a23bf5821f22
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-common-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80af10da2fc39237cd4b92e5b53f874413d2ebf32f39e332e6c573cf4c71ded7
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 089e20c872eb8d2b6e621126de96f25361a9280498907b557ea9221f304d8add
samba-swat-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: d703fc9d41721e0cfc3f620d33a9dbbef783d3902286691520825d2140f02457
ia64
libsmbclient-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: 5ddb859bd322959e640a024bd42f071c5bf852ef91d2f053c7ee39ef1ba8b639
libsmbclient-devel-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: 00316fdeae234a616b8603e0d2a82001a026cf56b13a3323149993047ce29c8e
samba-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: 351c84e3e90572306f084b17f065fc944383826ddff4e29a279f3ed8e260ccb7
samba-client-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: e66b9e0a5bbbfa73a62df96a05e0c28b742fec83fcdf17ea0b2bac3edc5f2e2e
samba-common-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: a328437f5ece44c6f3f0c0b9b3b7bff7aae51719eb3b8ad13a9dd8382137d9f8
samba-debuginfo-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: 2938b05791c44389fe6a174c8c05d2d6be5145b965e37a83fef9238625a74be8
samba-swat-3.0.33-3.41.el5_11.ia64.rpm	SHA-256: 9e32c05b22c31fc4516b684460530b9fb8164644d29761a6e956e3c58412d67c
i386
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
samba-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 97e25b74ab8327c7c121cafb9aa4d50229146195c4ebb5fed848ee6a9a117a3c
samba-client-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 33106606080580396d9dddbd325b9902a212afb4e7cbba13537e30a287838aef
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-swat-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 522cb06e96cd6d7dfb437c227e99885cc9e25b8fca6863373c11d179a6804a0c

Red Hat Enterprise Linux Workstation 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
x86_64
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: add4d235c0b6399eeff319e63df058d129b5239e1810b1480e20963952d27152
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
libsmbclient-devel-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80b4f335ff524e255578f3cdf57590fa090bc8657a03be723042d47505590790
samba-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 1619806f615cdee0da6e641f24c2b14c1d3c19659f50afe69698ebe22365fc13
samba-client-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: a3957350f65d6f59556d7dd30ce4ef48228b2497eb9c8c820399a23bf5821f22
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-common-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80af10da2fc39237cd4b92e5b53f874413d2ebf32f39e332e6c573cf4c71ded7
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 089e20c872eb8d2b6e621126de96f25361a9280498907b557ea9221f304d8add
samba-debuginfo-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 089e20c872eb8d2b6e621126de96f25361a9280498907b557ea9221f304d8add
samba-swat-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: d703fc9d41721e0cfc3f620d33a9dbbef783d3902286691520825d2140f02457
i386
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
samba-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 97e25b74ab8327c7c121cafb9aa4d50229146195c4ebb5fed848ee6a9a117a3c
samba-client-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 33106606080580396d9dddbd325b9902a212afb4e7cbba13537e30a287838aef
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-swat-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 522cb06e96cd6d7dfb437c227e99885cc9e25b8fca6863373c11d179a6804a0c

Red Hat Enterprise Linux Desktop 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
x86_64
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: add4d235c0b6399eeff319e63df058d129b5239e1810b1480e20963952d27152
samba-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 1619806f615cdee0da6e641f24c2b14c1d3c19659f50afe69698ebe22365fc13
samba-client-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: a3957350f65d6f59556d7dd30ce4ef48228b2497eb9c8c820399a23bf5821f22
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-common-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80af10da2fc39237cd4b92e5b53f874413d2ebf32f39e332e6c573cf4c71ded7
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 089e20c872eb8d2b6e621126de96f25361a9280498907b557ea9221f304d8add
samba-swat-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: d703fc9d41721e0cfc3f620d33a9dbbef783d3902286691520825d2140f02457
i386
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
samba-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 97e25b74ab8327c7c121cafb9aa4d50229146195c4ebb5fed848ee6a9a117a3c
samba-client-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 33106606080580396d9dddbd325b9902a212afb4e7cbba13537e30a287838aef
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-swat-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 522cb06e96cd6d7dfb437c227e99885cc9e25b8fca6863373c11d179a6804a0c

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
s390x
libsmbclient-3.0.33-3.41.el5_11.s390.rpm	SHA-256: f9e8dee12cafa95bbd6216715316ae9c3f682648dada3ed88bad1e05148188fb
libsmbclient-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 9bed20bc3f29c5dc995d3af9d41f873fbbfca73a6f9a16afbb836e969dacc7e7
libsmbclient-devel-3.0.33-3.41.el5_11.s390.rpm	SHA-256: 2bdbd5ae0d0852a833a4e9b0c6cef8f91d650b944a82636ccf8ead5e1cc7b7d5
libsmbclient-devel-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 9ddd636057e87c49d6981bd0bd528415de51a898aab1e06622695af8da6f3f15
samba-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 7e65c2641bce057b21607ae0d8b031c73b0e1ec832972fd8d5838649ed4bad8a
samba-client-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 697be1dc9d0747318625035894bd9070b981e35b938df8041c12e365f13d24f4
samba-common-3.0.33-3.41.el5_11.s390.rpm	SHA-256: a8ce6974f3e809115e1d050d5d1b28cffe8bd778c586ffab27df57c7812b4021
samba-common-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 0c00912824c0b7e8173e9463126e3c8514e154aede5f4181e6bc01427be4cc56
samba-debuginfo-3.0.33-3.41.el5_11.s390.rpm	SHA-256: 291b6400d08c4713df98183c0623e2fb0b138c5ba8284fcb0eef1b524715bf8e
samba-debuginfo-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: b2e4362be99b0b9a4f6a0174898ceb51786dbe52f08544edb535e9669d2e0702
samba-swat-3.0.33-3.41.el5_11.s390x.rpm	SHA-256: 6b582967667528a4621e4c103c66faaf1416b59c5d6946a333eb8b7ca126d6f8

Red Hat Enterprise Linux for Power, big endian 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
ppc
libsmbclient-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: 45074b9db2b4f0cecaebc2e4cfea56100c77e224414660c50ef0af4f7083c6fd
libsmbclient-3.0.33-3.41.el5_11.ppc64.rpm	SHA-256: 88888b60f33d75c371917d8f486888d5997d4cdaf2044ed16a9941bc9b2f3129
libsmbclient-devel-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: 3c739083bad3b1a6994f54f6b04ea51630b9ed6ceae6ae5683b0ae9151000c8f
libsmbclient-devel-3.0.33-3.41.el5_11.ppc64.rpm	SHA-256: fb4dd124df76552d98be8d28ac77a6506c9d149b5e7922f2e26b1ee50a0d9d62
samba-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: 89fa370b085fc60a8c7e835496f16c07bebe609aa07622a84e569c45dbdfd0d9
samba-client-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: 45cd606079095a9fbeed3ec72e16339e9ccd11e2e970789e8bedb36c8606b4c7
samba-common-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: 73a520835a8c496c36d739c4b4fa4840f46dd49a38c82bed33d46eb27f0242a7
samba-common-3.0.33-3.41.el5_11.ppc64.rpm	SHA-256: df475dc01fdb8fd60f5412ba10dbddee9b2ec380bb87efd82352583276c0b49d
samba-debuginfo-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: d86b99615a59382842429bade2da06605d882b6ebc4973d788bb1d0475ffc657
samba-debuginfo-3.0.33-3.41.el5_11.ppc64.rpm	SHA-256: a2c8a18ef8a80beac4c57750fc6f3b15943cde51a178ef5215ee63eb4a20d9b5
samba-swat-3.0.33-3.41.el5_11.ppc.rpm	SHA-256: fb50f2fb2d9b0dc688694dfefcb6f36bd7368ab3ea97fc34e1b24bed85e77ead

Red Hat Enterprise Linux Server from RHUI 5

SRPM
samba-3.0.33-3.41.el5_11.src.rpm	SHA-256: 3cdec38cef12c4efcce23e315783820f321e054b76f48377e595915c7bb835e5
x86_64
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: add4d235c0b6399eeff319e63df058d129b5239e1810b1480e20963952d27152
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
libsmbclient-devel-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80b4f335ff524e255578f3cdf57590fa090bc8657a03be723042d47505590790
samba-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 1619806f615cdee0da6e641f24c2b14c1d3c19659f50afe69698ebe22365fc13
samba-client-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: a3957350f65d6f59556d7dd30ce4ef48228b2497eb9c8c820399a23bf5821f22
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-common-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 80af10da2fc39237cd4b92e5b53f874413d2ebf32f39e332e6c573cf4c71ded7
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-debuginfo-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: 089e20c872eb8d2b6e621126de96f25361a9280498907b557ea9221f304d8add
samba-swat-3.0.33-3.41.el5_11.x86_64.rpm	SHA-256: d703fc9d41721e0cfc3f620d33a9dbbef783d3902286691520825d2140f02457
i386
libsmbclient-3.0.33-3.41.el5_11.i386.rpm	SHA-256: e181838e02bccbf1101a57be49a878489575ef58f79afd057b6502dd4de9ffd1
libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpm	SHA-256: c0fda9223806127b37f88574b20e5954964e8e6606f4ef39d8f786ab1ac34ecd
samba-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 97e25b74ab8327c7c121cafb9aa4d50229146195c4ebb5fed848ee6a9a117a3c
samba-client-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 33106606080580396d9dddbd325b9902a212afb4e7cbba13537e30a287838aef
samba-common-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 807819894d04dcf1f0e60ad96269905c630539e446dc59f78975af72fea65870
samba-debuginfo-3.0.33-3.41.el5_11.i386.rpm	SHA-256: ee5212bffd5d80d8a7ef7b86bb93a8bb21668bfe5d5bf0d8b13a46fa921c0f9f
samba-swat-3.0.33-3.41.el5_11.i386.rpm	SHA-256: 522cb06e96cd6d7dfb437c227e99885cc9e25b8fca6863373c11d179a6804a0c