USN-3092-1: Samba vulnerability
USN-3092-1: Samba vulnerability Ubuntu Security Notice USN-3092-1 28th September, 2016 samba vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Samba could be tricked into connecting to impersonated servers. Software description samba – SMB/CIFS file, print, and login server for Unix Details Stefan Metzmacher discovered that Samba incorrectly handled certain flagsin SMB2/3 client connections. A remote attacker could use this issue todisable client signing and impersonate servers by performing a man in themiddle attack. Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.In addition to the security fix, the updated packages contain bug fixes,new features, and possibly incompatible changes. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.1 Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.1 [ more… ]