切片 切片 切片 切片 切片 切片 切片 切片 切片 切片 切片 编组 3 切片 切片 路径 2 download 工具 配置对比 手册 切片 切片
Samba 远程代码执行漏洞
2016-03-02知识编号:147159
催更新

Lenovo 安全公告:LEN-2015-016



潜在影响:执行任意代码



重要性



摘要:



Samba 是服务器消息块(SMB)或通用 Internet 文件系统(CIFS)协议的一种开源实现,兼容 PC 的机器可通过它共享文件、打印机和其他信息。已发现 Samba 后台程序(smbd)中存在未初始化指针使用缺陷。恶意 Samba 客户端可能会发送特别制作的 Netlogon 数据包,这可能使其能够使用运行 smbd 的用户的权限来执行任意代码。



LenovoEMC 网络存储设备随附的 Lifeline 固件就采用了 Samba。 有关修复的信息,请参阅“产品影响”部分。


产品影响:




     

受影响的产品



     


     

最低 Lifeline 版本,包括修复程序



     


     

链接



     


     

LenovoEMC px12-400r



     


     

 4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32028



     


     

LenovoEMC EZ Media & Backup(hm3)



     


     

 4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32028



     


     

LenovoEMC ix2(包括 DL)



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/31178



     


     

LenovoEMC ix4-300d(包括 DL)



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32094



     


     

LenovoEMC px2-300d(包括 NVR)



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32094



     


     

LenovoEMC px4-300d(包括 NVR)



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/27363



     


     

LenovoEMC px4-300r



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/27368



     


     

LenovoEMC px4-400d



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/33814



     


     

LenovoEMC px4-400d NVR



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/33814



     


     

LenovoEMC px4-400r



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/33824



     


     

LenovoEMC px6-300d



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/27366



     


     

LenovoEMC px12-400r



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32092



     


     

LenovoEMC px12-450r



     


     

4.1.110.33149



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/32092



     


     

LenovoEMC ix12-300r



     


     

4.0.18.33013



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/23142



     


     

LenovoEMC px12-350r



     


     

4.0.18.33013



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/23142



     


     

LenovoEMC Home Media Cloud Edition(hm2)



     


     

3.2.12.30116



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/26784



     


     

LenovoEMC ix2-200 Cloud Edition



     


     

3.2.12.30116



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/26784



     


     

LenovoEMC ix4-200d Cloud Edition



     


     

3.2.12.30116



     


     

https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/26784



     


备注:

致谢:



无。



其他信息和参考资料:



https://www.us-cert.gov/ncas/current-activity/2015/02/24/Samba-Remote-Code-Execution-Vulnerability



CVE ID:CVE-2015-0240



修订历史:



     

版本



     


     

日期



     


     

描述



     


     

1.1



     


     

06/06/2015



     


     

发布其他修复程序



     


     

1.0



     


     

04/03/2015



     


     

初始版本



     


                       

0
知识有用,就点一下~
0
收藏 :
分享 :

鐢ㄦ埛鍚嶄笉姝g‘

鐧诲綍
鍏朵粬鐧诲綍鏂瑰紡

鎵撳紑鑱旀兂鏅洪€堿pp鎵爜杩涜鐧诲綍

鎵弿鎴愬姛!

璇峰嬁鍒锋柊鏈〉闈紝鎸夋墜鏈烘彁绀烘搷浣滐紒

浜岀淮鐮佸凡澶辨晥
鍒锋柊