Amazon Linux AMI update for libldb



Published: 2016-01-18
Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2015-3223
CVE-2015-5330
CWE-ID CWE-20
CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Amazon Linux AMI
Operating systems & Components / Operating system

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU33812

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-3223

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

Mitigation

Update the affected packages:

i686:
    pyldb-1.1.20-1.7.amzn1.i686
    pyldb-devel-1.1.20-1.7.amzn1.i686
    libldb-devel-1.1.20-1.7.amzn1.i686
    libldb-debuginfo-1.1.20-1.7.amzn1.i686
    ldb-tools-1.1.20-1.7.amzn1.i686
    libldb-1.1.20-1.7.amzn1.i686

src:
    libldb-1.1.20-1.7.amzn1.src

x86_64:
    pyldb-1.1.20-1.7.amzn1.x86_64
    ldb-tools-1.1.20-1.7.amzn1.x86_64
    libldb-1.1.20-1.7.amzn1.x86_64
    pyldb-devel-1.1.20-1.7.amzn1.x86_64
    libldb-debuginfo-1.1.20-1.7.amzn1.x86_64
    libldb-devel-1.1.20-1.7.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2016-633.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU32350

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-5330

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.

Mitigation

Update the affected packages:

i686:
    pyldb-1.1.20-1.7.amzn1.i686
    pyldb-devel-1.1.20-1.7.amzn1.i686
    libldb-devel-1.1.20-1.7.amzn1.i686
    libldb-debuginfo-1.1.20-1.7.amzn1.i686
    ldb-tools-1.1.20-1.7.amzn1.i686
    libldb-1.1.20-1.7.amzn1.i686

src:
    libldb-1.1.20-1.7.amzn1.src

x86_64:
    pyldb-1.1.20-1.7.amzn1.x86_64
    ldb-tools-1.1.20-1.7.amzn1.x86_64
    libldb-1.1.20-1.7.amzn1.x86_64
    pyldb-devel-1.1.20-1.7.amzn1.x86_64
    libldb-debuginfo-1.1.20-1.7.amzn1.x86_64
    libldb-devel-1.1.20-1.7.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2016-633.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###