CESA-2017:0744 -- centos 6 samba4ID: oval:org.secpod.oval:def:204654 | Date: (C)2018-04-30 (M)2023-07-28 |
Class: PATCH | Family: unix |
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. * A flaw was found in the way Samba handled PAC checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.