LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:025: samba Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been found and corrected in samba: Heap-based buffer overflow in process.c in smbd in Samba allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:025
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : samba
 Date    : February 28, 2012
 Affected: Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in samba:
 
 Heap-based buffer overflow in process.c in smbd in Samba allows remote
 attackers to cause a denial of service (daemon crash) or possibly
 execute arbitrary code via a Batched (aka AndX) request that triggers
 infinite recursion (CVE-2012-0870).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
 _______________________________________________________________________

 Updated Packages:

 Mandriva Enterprise Server 5:
 f1c5c40a39960bf0be8b4f7b0eb07f1c  mes5/i586/libnetapi0-3.3.12-0.8mdvmes5.2.i586.rpm
 c09851ea48666122ce67fb3bb5d863b7  mes5/i586/libnetapi-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 574874125ee63e520110e73158fa1c53  mes5/i586/libsmbclient0-3.3.12-0.8mdvmes5.2.i586.rpm
 ed39a5badbcb3dff984d099d995e4654  mes5/i586/libsmbclient0-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 37f6c8edc6af9e4439fe1cfa74162fd4  mes5/i586/libsmbclient0-static-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 e06527be75deb64802f8bfa4c266f9bc  mes5/i586/libsmbsharemodes0-3.3.12-0.8mdvmes5.2.i586.rpm
 9926b5aa94649fe5e4563d7d30eea094  mes5/i586/libsmbsharemodes-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 13ed1d18924705829149f27c89cff483  mes5/i586/libtalloc1-3.3.12-0.8mdvmes5.2.i586.rpm
 0dcc0cadaff5d3e9e9b26a4aa76320b9  mes5/i586/libtalloc-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 f66dc353d8f7cc28d9e9922bc731bd06  mes5/i586/libtdb1-3.3.12-0.8mdvmes5.2.i586.rpm
 87689dca4f04ccc56c8b7e2958f870a5  mes5/i586/libtdb-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 eac4493389bdd505786b2a813800ec21  mes5/i586/libwbclient0-3.3.12-0.8mdvmes5.2.i586.rpm
 0a4d9665399a405ec33352bac8b085d7  mes5/i586/libwbclient-devel-3.3.12-0.8mdvmes5.2.i586.rpm
 31d01f8f5ac236bdeb5da6c0b1103c26  mes5/i586/mount-cifs-3.3.12-0.8mdvmes5.2.i586.rpm
 4d65a41c7adf287f33146cb51976c12f  mes5/i586/nss_wins-3.3.12-0.8mdvmes5.2.i586.rpm
 95851e4895bebace6a800c21411c2c98  mes5/i586/samba-client-3.3.12-0.8mdvmes5.2.i586.rpm
 615ae2342634aa724e233fe7c38e1021  mes5/i586/samba-common-3.3.12-0.8mdvmes5.2.i586.rpm
 593f4559e2e7927c3d2be07c75f69fc2  mes5/i586/samba-doc-3.3.12-0.8mdvmes5.2.i586.rpm
 082b8b10f48f87102f5f4e5734192274  mes5/i586/samba-server-3.3.12-0.8mdvmes5.2.i586.rpm
 671a8293f5c9970eff7f41a382ce1de8  mes5/i586/samba-swat-3.3.12-0.8mdvmes5.2.i586.rpm
 d0826b2d50dd03a8a2def0ab8217a10b  mes5/i586/samba-winbind-3.3.12-0.8mdvmes5.2.i586.rpm 
 e63162eb725a3c786a9d6ce6e3ffa834  mes5/SRPMS/samba-3.3.12-0.8mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 08052ae7f504d3afebc2592c4563cb26  mes5/x86_64/lib64netapi0-3.3.12-0.8mdvmes5.2.x86_64.rpm
 959b440b7a52de85774c7826c23e5a0d  mes5/x86_64/lib64netapi-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 4fbf3c6550bbd781101b19a5f59db31f  mes5/x86_64/lib64smbclient0-3.3.12-0.8mdvmes5.2.x86_64.rpm
 fa0e52cf4f492cb5d991ca5305f4eca7  mes5/x86_64/lib64smbclient0-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 3aab55b5470b2dd3fe21bc22aac57881  mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 62faaa06906b9b03f73d130c30841e24  mes5/x86_64/lib64smbsharemodes0-3.3.12-0.8mdvmes5.2.x86_64.rpm
 2989b58fbd3b45bc9f59c252c694970f  mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 7b02247f56fbae2c39148fbbdb2a9753  mes5/x86_64/lib64talloc1-3.3.12-0.8mdvmes5.2.x86_64.rpm
 c06c34fbdf4472157ce75f438c8975fe  mes5/x86_64/lib64talloc-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 05412945bb2a1b2be22aab619395366e  mes5/x86_64/lib64tdb1-3.3.12-0.8mdvmes5.2.x86_64.rpm
 a5d3e798398970a92129d182766049ab  mes5/x86_64/lib64tdb-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 fa4659a2d3591b354ed48fe4780e318a  mes5/x86_64/lib64wbclient0-3.3.12-0.8mdvmes5.2.x86_64.rpm
 a647ebd6ed3d00f8e0cf32db8deddd89  mes5/x86_64/lib64wbclient-devel-3.3.12-0.8mdvmes5.2.x86_64.rpm
 5075846b37b482eee78d1390284d221f  mes5/x86_64/mount-cifs-3.3.12-0.8mdvmes5.2.x86_64.rpm
 08968a5c3682f2af4dab4433d3c4906c  mes5/x86_64/nss_wins-3.3.12-0.8mdvmes5.2.x86_64.rpm
 1f391d0c654c0efa93a4a9b90ff8abad  mes5/x86_64/samba-client-3.3.12-0.8mdvmes5.2.x86_64.rpm
 9d374a84dab147dd3a7e20f38032740f  mes5/x86_64/samba-common-3.3.12-0.8mdvmes5.2.x86_64.rpm
 fbc801397a2f7b94b06397aed9e037a8  mes5/x86_64/samba-doc-3.3.12-0.8mdvmes5.2.x86_64.rpm
 39fde58a25e8180b574cf6e5a8f7e432  mes5/x86_64/samba-server-3.3.12-0.8mdvmes5.2.x86_64.rpm
 d9f108c12ade5b0f8905cb453cdb99dc  mes5/x86_64/samba-swat-3.3.12-0.8mdvmes5.2.x86_64.rpm
 78f300cd217228b7e44d0845f2b29c53  mes5/x86_64/samba-winbind-3.3.12-0.8mdvmes5.2.x86_64.rpm 
 e63162eb725a3c786a9d6ce6e3ffa834  mes5/SRPMS/samba-3.3.12-0.8mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers From China Waste Little Time in Exploiting Heartbleed
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Why a hacker got paid for finding the Heartbleed bug
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.