Security Update:Critical Vulnerability in Samba (Linux and Unix Users)
Date and Time
Linux and Unix Samba Users
The United States-Computer Emergency Response Team reports Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contains a critical vulnerability.
Advanced Users: For a complete description of the vulnerability refer to Samba – CVE-2015-0240 at https://www.samba.org/samba/security/CVE-2015-0240.
- Samba versions 3.5.0 through 4.2.0rc4
WHAT'S THE PROBLEM?
Exploitation of this vulnerability could lead to someone taking control of your computer.
HOW DO I PROTECT MY COMPUTER?
Update your software
- If you are supported by ITFS or have different IT support, no action on your part is required.
- If you do not have IT support or they do not support your computer, refer to your respective Linux OS vendor(s) for an appropriate patch.
- Debian Security Advisory DSA-3171-1 - http://www.debian.org/security/2015/dsa-3171
- Red Hat Samba vulnerability (CVE-2015-0240) - https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-...
- SUSE Bugzilla Bug 917376 - https://bugzilla.suse.com/show_bug.cgi?id=917376
- Ubuntu Security Notice USN-2508-1 - http://www.ubuntu.com/usn/usn-2508-1/
- IT Security – http://it.ucsf.edu/security