Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Full Disclosure: Full-Disclosure

[ MDVSA-2012:067 ] samba

 

 

Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded


security at mandriva

May 1, 2012, 3:55 AM

Post #1 of 1 (129 views)
Permalink
[ MDVSA-2012:067 ] samba

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:067
http://www.mandriva.com/security/
_______________________________________________________________________

Package : samba
Date : May 1, 2012
Affected: 2010.1, 2011.
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in samba:

Security checks were incorrectly applied to the Local Security
Authority (LSA) remote proceedure calls (RPC) CreateAccount,
OpenAccount, AddAccountRights and RemoveAccountRights allowing any
authenticated user to modify the privileges database (CVE-2012-2111).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
http://www.samba.org/samba/security/CVE-2012-2111
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
b0c16888573af1114e9ad0bfde46808b 2010.1/i586/libnetapi0-3.5.3-3.6mdv2010.2.i586.rpm
7c98470fb3a8c4081ebaf10f0c1332bb 2010.1/i586/libnetapi-devel-3.5.3-3.6mdv2010.2.i586.rpm
fb64c34589ac83010bc471489911fb2f 2010.1/i586/libsmbclient0-3.5.3-3.6mdv2010.2.i586.rpm
ea8dee1fc52bad7595724def30a6fd69 2010.1/i586/libsmbclient0-devel-3.5.3-3.6mdv2010.2.i586.rpm
986549d1f25d8c5c870eaf87b9e7cf08 2010.1/i586/libsmbclient0-static-devel-3.5.3-3.6mdv2010.2.i586.rpm
19b33f2132413cf36031f8d7d0f6f5c4 2010.1/i586/libsmbsharemodes0-3.5.3-3.6mdv2010.2.i586.rpm
145adf5071677e950fc071e894e45bd9 2010.1/i586/libsmbsharemodes-devel-3.5.3-3.6mdv2010.2.i586.rpm
ca052c237ab25c02f7366888ed6bde33 2010.1/i586/libwbclient0-3.5.3-3.6mdv2010.2.i586.rpm
b401a4c10ad4ff5b1b6209c43d0369fe 2010.1/i586/libwbclient-devel-3.5.3-3.6mdv2010.2.i586.rpm
e7f118657fea080c43a0a6377eb02d10 2010.1/i586/mount-cifs-3.5.3-3.6mdv2010.2.i586.rpm
cfb25b984affc20ff7b32245558a86bd 2010.1/i586/nss_wins-3.5.3-3.6mdv2010.2.i586.rpm
58b2405220ad8f461968d9213167b25c 2010.1/i586/samba-client-3.5.3-3.6mdv2010.2.i586.rpm
f790e91505f6e5b7cb7905a82ec37ab1 2010.1/i586/samba-common-3.5.3-3.6mdv2010.2.i586.rpm
73ad8d9bc99d605e7a3cf1e862b5acb7 2010.1/i586/samba-doc-3.5.3-3.6mdv2010.2.i586.rpm
72efce39b1ecf4f1fce38bbfb5d52a73 2010.1/i586/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.i586.rpm
2a912520751bd6ee71cd3d7a2bcd652a 2010.1/i586/samba-server-3.5.3-3.6mdv2010.2.i586.rpm
f900b32e99a90b0e4b02f78739aec352 2010.1/i586/samba-swat-3.5.3-3.6mdv2010.2.i586.rpm
3416b4b6a0b581cee20ca92135cb81a9 2010.1/i586/samba-winbind-3.5.3-3.6mdv2010.2.i586.rpm
aa719946518e4cde4a7e246707447037 2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
4555cdf1cf1e309adf310020a0c2bacd 2010.1/x86_64/lib64netapi0-3.5.3-3.6mdv2010.2.x86_64.rpm
4324676ed91aff0cc726b5b1c9699914 2010.1/x86_64/lib64netapi-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
6cad4c5c96ecf4aff1535461321381da 2010.1/x86_64/lib64smbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
89a56321c42cc94b4a8748d33d20b3cd 2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
e2ab03c50e2daa90011cb12a7b3260e6 2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
a1f6db735b484608a9adb6d71b2c6bf9 2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.6mdv2010.2.x86_64.rpm
2316afe1be6ac09e8985447f906d78d1 2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
7e20f319a9fbbf7eeb251adfc103bb22 2010.1/x86_64/lib64wbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
49604738194c0f13c268c79acfa3ed96 2010.1/x86_64/lib64wbclient-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
e02391b2c8676786ea21268380e0c267 2010.1/x86_64/mount-cifs-3.5.3-3.6mdv2010.2.x86_64.rpm
c0bf73ba14ce610beeb84340d3dc3ff7 2010.1/x86_64/nss_wins-3.5.3-3.6mdv2010.2.x86_64.rpm
e091ae55c4018bb218dfeafcc57620a3 2010.1/x86_64/samba-client-3.5.3-3.6mdv2010.2.x86_64.rpm
79d7d55c5413db0c5143d3aadaed9498 2010.1/x86_64/samba-common-3.5.3-3.6mdv2010.2.x86_64.rpm
5164c31f03228f112ea76d2abbbe1cc6 2010.1/x86_64/samba-doc-3.5.3-3.6mdv2010.2.x86_64.rpm
92cd364fa5d300b86484eb967b960bc3 2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.x86_64.rpm
8e928172bb0b614635e01c52d05f96a9 2010.1/x86_64/samba-server-3.5.3-3.6mdv2010.2.x86_64.rpm
c2615e1db28f1eefb713c115e82e8ba8 2010.1/x86_64/samba-swat-3.5.3-3.6mdv2010.2.x86_64.rpm
25a7e8cad30bf78f9ea217cc68e27a1a 2010.1/x86_64/samba-winbind-3.5.3-3.6mdv2010.2.x86_64.rpm
aa719946518e4cde4a7e246707447037 2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm

Mandriva Linux 2011:
cff0ff110611aa92de13e1e6d21047d1 2011/i586/libnetapi0-3.5.10-1.3-mdv2011.0.i586.rpm
089dc3e2e37fe8ee0a3ad0385ae03e6b 2011/i586/libnetapi-devel-3.5.10-1.3-mdv2011.0.i586.rpm
04954a46b3938198545553a644bf01f0 2011/i586/libsmbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
89d114cddad50da83a4d53d513441e47 2011/i586/libsmbclient0-devel-3.5.10-1.3-mdv2011.0.i586.rpm
3909db914cdbbf99edf58c6795b5dff8 2011/i586/libsmbclient0-static-devel-3.5.10-1.3-mdv2011.0.i586.rpm
cec79a0acd368786713468870122f4f3 2011/i586/libsmbsharemodes0-3.5.10-1.3-mdv2011.0.i586.rpm
d3c78587799b381737b0feb00e50f287 2011/i586/libsmbsharemodes-devel-3.5.10-1.3-mdv2011.0.i586.rpm
994f5c96f6c4d87b66d77efe9aededd0 2011/i586/libwbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
9250693ddfb45284676f1fe1f037791f 2011/i586/libwbclient-devel-3.5.10-1.3-mdv2011.0.i586.rpm
88a93a320f0785258f3b3915589bd7d2 2011/i586/mount-cifs-3.5.10-1.3-mdv2011.0.i586.rpm
b568d3cac9ee0dbe647e86b1e5579d3f 2011/i586/nss_wins-3.5.10-1.3-mdv2011.0.i586.rpm
4b62e10c477f054e1b1108f1de52e9ba 2011/i586/samba-client-3.5.10-1.3-mdv2011.0.i586.rpm
15e3ab4b525a3e09c5e81724e53d16da 2011/i586/samba-common-3.5.10-1.3-mdv2011.0.i586.rpm
7e6028bcd35c577ef1921ac2569690b9 2011/i586/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
0dc103d9ee84e0f249cc89344e278143 2011/i586/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.i586.rpm
66c78b0f067f3fd2209ab7e1b970c68e 2011/i586/samba-server-3.5.10-1.3-mdv2011.0.i586.rpm
f302f1867604fafbf74d74e09604a71b 2011/i586/samba-swat-3.5.10-1.3-mdv2011.0.i586.rpm
0d0d8649d3d426c5f8cc50c31c76f8c8 2011/i586/samba-winbind-3.5.10-1.3-mdv2011.0.i586.rpm
be1dff8504d05199b02576691f5ae86b 2011/SRPMS/samba-3.5.10-1.3.src.rpm

Mandriva Linux 2011/X86_64:
1a851b2f20ee67453467a23727a2424a 2011/x86_64/lib64netapi0-3.5.10-1.3-mdv2011.0.x86_64.rpm
44603aa8df1c8307a3deccf291e42f7b 2011/x86_64/lib64netapi-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
556104aef89a4b9ebd9bb66a833236d0 2011/x86_64/lib64smbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
0d5dc0adf88bd341f7218585e7e33228 2011/x86_64/lib64smbclient0-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
38ea7589c0013ffada677dfe2def0e98 2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
b04f159a984c3b693ff89b7cc179136d 2011/x86_64/lib64smbsharemodes0-3.5.10-1.3-mdv2011.0.x86_64.rpm
50ea8303bebbc5c751ab911d539b8535 2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
8d80e36d55a5609504bdd0bfca353b5c 2011/x86_64/lib64wbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
e8ac81e9b840ffc2449af46e8824156b 2011/x86_64/lib64wbclient-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
0904a4afc0df9a00839b90a5bf92f2e0 2011/x86_64/mount-cifs-3.5.10-1.3-mdv2011.0.x86_64.rpm
0e60aefdd6f434a0889013246f1471a0 2011/x86_64/nss_wins-3.5.10-1.3-mdv2011.0.x86_64.rpm
8ecb1369ad46eae88cf8d273b0cbad07 2011/x86_64/samba-client-3.5.10-1.3-mdv2011.0.x86_64.rpm
e4b3cc6e3a32b33012c36a17f7ab4b1d 2011/x86_64/samba-common-3.5.10-1.3-mdv2011.0.x86_64.rpm
b6511465523ffd89ff81f7f528eb3335 2011/x86_64/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
34abf2242369315d0346d26509b6efbf 2011/x86_64/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.x86_64.rpm
f412fafe8607022394bb6ec927f966b0 2011/x86_64/samba-server-3.5.10-1.3-mdv2011.0.x86_64.rpm
f896be75e59f63a3e207ab66f5c5a870 2011/x86_64/samba-swat-3.5.10-1.3-mdv2011.0.x86_64.rpm
01821aace53b923c7ad4a1bc096fd456 2011/x86_64/samba-winbind-3.5.10-1.3-mdv2011.0.x86_64.rpm
be1dff8504d05199b02576691f5ae86b 2011/SRPMS/samba-3.5.10-1.3.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPn5QSmqjQ0CJFipgRAimcAKDL/VVweXcfXSX5OfXwJhvzBnpoUgCfT7Ny
IkCl21bp34aGCX78vKk8a0E=
=Gfjg
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.