Security Bulletin
Summary
Open Source Samba is used by IBM Netezza Host Mangement. IBM Netezza Host Management has addressed the applicable CVEs.
Vulnerability Details
CVEID: CVE-2017-12163
DESCRIPTION: Samba could allow a remote authenticated attacker to obtain sensitive information, caused by a memory leak over SMB1. By sending specially crafted SMB1 data, an attacker could exploit this vulnerability to cause portions of server memory contents to be written to a file and obtain sensitive information.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132351 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2017-12151
DESCRIPTION: Samba could provide weaker than expected security, caused by the failure to properly sign and encrypt DFS redirects when the max protocol for the original connection is set as 'SMB3'. An attacker could exploit this vulnerability using man-in-the-middle techniques to read and alter confidential documents.
CVSS Base Score: 7.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132350 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2017-12150
DESCRIPTION: Samba could allow a remote attacker to obtain sensitive information, caused by the failure to require SMB signing in SMB1/2/3 connections. An attacker could exploit this vulnerability using man-in-the-middle techniques to hijack client connections and obtain sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132349 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2017-14746
DESCRIPTION: Samba could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free memory error. By sending a specially crafted SMB1 request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/135222 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2017-15275
DESCRIPTION: Samba could allow a remote attacker to obtain sensitive information, caused by a heap memory information leak. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain password hashes or other high-value data.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/135221 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
- IBM Netezza Host Management 5.4.5.0 - 5.4.15.0
Remediation/Fixes
To resolve the reported CVE CVE-2017-12163, CVE-2017-12150, CVE-2017-14746 and CVE-2017-15275 for Red Hat Enterprise Linux (RHEL) on PureData System for Analytics N200x and N3001 platforms only, update to the following IBM Netezza Host Management release:
| Product | VRMF | Remediation/First Fix |
| IBM Netezza Host Management | 5.4.16.0 | Link to Fix Central |
The Netezza Host Management software contains the latest RHEL updates for the operating systems certified for use on IBM Netezza/PureData System for Analytics appliances. IBM recommends upgrading to the latest Netezza Host Management version to ensure that your hosts have the latest fixes, security changes, and operating system updates. IBM Support can assist you with planning for the Netezza Host Management and operating system upgrades to your appliances.
For more details on IBM Netezza Host Management security patching:
Workarounds and Mitigations
Mitigation of the reported CVE CVE-2017-12163 and CVE-2017-12150 applies to the following platforms only:
PureData System for Analytics N1001
IBM Netezza High Capacity Appliance C1000
IBM Netezza 1000
IBM Netezza 100
Execute below steps using "root" user on both ha1/ha2 hosts
Step 1. Check if Samba module is installed in the host
[host]# rpm -qa | grep samba
Step 2. Check if Samba service is running
[host]# /etc/init.d/smb status
Step 3. If Samba service is running, stop the smb service
[host]# /etc/init.d/smb stop
Step 4. Backup the /etc/samba/smb.conf file
[host]# cp /etc/samba/smb.conf /etc/samba/smb.conf_backup
Step 5. Edit the /etc/samba/smb.conf and set following parameter as below:
client signing = required
Also add following parameter in global settings as below:
#============ Global Settings ==========
[global]
server min protocol = SMB2_02
Step 6. Start the smb services using below command:
[host]# /etc/init.d/smb start
Note : If samba configuration file smb.conf is changed/modified in future, please verify if above settings is changed. If changed please make sure to mitigate this issue by following steps 2 to 6.
Mitigation of the reported CVE CVE-2017-12151 on PureData System for Analytics N200x and N3001 platforms only :
Execute below steps using "root" user on both ha1/ha2 hosts
Step 1. Check if Samba module is installed in the host
[host]# rpm -qa | grep samba
Step 2. Check if Samba service is running
[host]# /etc/init.d/smb status
Step 3. If Samba service is running, stop the smb service
[host]# /etc/init.d/smb stop
Step 4. Backup the /etc/samba/smb.conf file
[host]# cp /etc/samba/smb.conf /etc/samba/smb.conf_backup
Step 5. Edit the /etc/samba/smb.conf and set following parameters as below:
client max protocol = NT1
Step 6. Start the smb services using below command:
[host]# /etc/init.d/smb start
Note : If samba configuration file smb.conf is changed/modified in future, please verify if above settings is changed. If changed please make sure to mitigate this issue by following steps 2 to 6.
Get Notified about Future Security Bulletins
References
Change History
21 December 2017: Original version published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
17 October 2019
UID
swg22009491