Main Vulnerability Database SB2017113028

SB2017113028 - OpenSUSE Linux update for samba

Published: November 30, 2017

Security Bulletin ID SB2017113028

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2017-14746)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a use-after-free error when processing SMB1 requests. A remote attacker can send a specially crafted SMB1 request to vulnerable server, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable SMB server.

2) Memory leak (CVE-ID: CVE-2017-15275)

The vulnerability allows a remote attacker to access potentially sensitive information.

The vulnerability exists due to uncleared heap memory is sent to the client. A remote attacker can obtain potentially sensitive information and use it in further attacks.

Remediation

Install update from vendor's website.

References

https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00064.html