LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:055: samba Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been found and corrected in samba: The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:055
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : samba
 Date    : April 11, 2012
 Affected: 2010.1, 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in samba:
 
 The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before
 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an
 array length in a manner consistent with validation of array memory
 allocation, which allows remote attackers to execute arbitrary code
 via a crafted RPC call (CVE-2012-1182).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 618a07a3b2880bcf1855d782d93f3007  2010.1/i586/libnetapi0-3.5.3-3.5mdv2010.2.i586.rpm
 84793723c7a0b711ccf0054fda0a52da  2010.1/i586/libnetapi-devel-3.5.3-3.5mdv2010.2.i586.rpm
 88cd11fac84aa9aa8405cbce6dd835bc  2010.1/i586/libsmbclient0-3.5.3-3.5mdv2010.2.i586.rpm
 0836753a45ddb9760e27ee422cde449b  2010.1/i586/libsmbclient0-devel-3.5.3-3.5mdv2010.2.i586.rpm
 141a9d5388457f80d6fc519d20180bc4  2010.1/i586/libsmbclient0-static-devel-3.5.3-3.5mdv2010.2.i586.rpm
 1c10c6e959094d33f19b8279818361b6  2010.1/i586/libsmbsharemodes0-3.5.3-3.5mdv2010.2.i586.rpm
 8c2ea1ca2e5ff06174579a95707fa7ff  2010.1/i586/libsmbsharemodes-devel-3.5.3-3.5mdv2010.2.i586.rpm
 3f3a4c2575aa4b025608ca0a1b2e81ad  2010.1/i586/libwbclient0-3.5.3-3.5mdv2010.2.i586.rpm
 11c5a7f84f6b60f4ba5c96feb6a182ff  2010.1/i586/libwbclient-devel-3.5.3-3.5mdv2010.2.i586.rpm
 17eaac9a0b671be1303667e1127c7943  2010.1/i586/mount-cifs-3.5.3-3.5mdv2010.2.i586.rpm
 9cf5a0b8975f3de3f7446263e60dbf90  2010.1/i586/nss_wins-3.5.3-3.5mdv2010.2.i586.rpm
 934caa56ec7a351ccca4ff02ffb4c541  2010.1/i586/samba-client-3.5.3-3.5mdv2010.2.i586.rpm
 6096e9066577d6fa93381276d8daa3bb  2010.1/i586/samba-common-3.5.3-3.5mdv2010.2.i586.rpm
 e55c85a899f3546272f184fe69810139  2010.1/i586/samba-doc-3.5.3-3.5mdv2010.2.i586.rpm
 26362e3a7e1b3472ef2ccdd52284b0d4  2010.1/i586/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.i586.rpm
 70eab496328572818809b15f080cf099  2010.1/i586/samba-server-3.5.3-3.5mdv2010.2.i586.rpm
 6952e5097b510af3329c6f5d78f8cbe9  2010.1/i586/samba-swat-3.5.3-3.5mdv2010.2.i586.rpm
 915ae724c3de06331cfd04fb0bd69265  2010.1/i586/samba-winbind-3.5.3-3.5mdv2010.2.i586.rpm 
 4c72879b63802de52b63ed7b83d4a918  2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 ace2c0860c17914d21dbe617fa87e0e7  2010.1/x86_64/lib64netapi0-3.5.3-3.5mdv2010.2.x86_64.rpm
 74763ba858d48c7c448defa8b2ffd556  2010.1/x86_64/lib64netapi-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
 50ce33ea687930e080072efdfbfc004b  2010.1/x86_64/lib64smbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
 f7f790f0205aecfa5b9914a6d9f6c52b  2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
 6d3a02bef858a12ee0934dce09e88be4  2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
 34853bcef699f85747d96d07c200555f  2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.5mdv2010.2.x86_64.rpm
 a6ec714a27184155cef1da72859119e5  2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
 295583bae32ab52bd25bc5b121e875ab  2010.1/x86_64/lib64wbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
 9d33640b2e23f9f26833d37f472c7c29  2010.1/x86_64/lib64wbclient-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
 60676ae71f3ade9516a539f03354cf8d  2010.1/x86_64/mount-cifs-3.5.3-3.5mdv2010.2.x86_64.rpm
 a8ac8164580908142c1ffa71285d7f46  2010.1/x86_64/nss_wins-3.5.3-3.5mdv2010.2.x86_64.rpm
 fcb05e26eaf45d2b588580182ffdd0b0  2010.1/x86_64/samba-client-3.5.3-3.5mdv2010.2.x86_64.rpm
 18456d389b3c2c0c109e31f80067f41c  2010.1/x86_64/samba-common-3.5.3-3.5mdv2010.2.x86_64.rpm
 8622946366a3a05229555e9de579d85f  2010.1/x86_64/samba-doc-3.5.3-3.5mdv2010.2.x86_64.rpm
 c4cdca61a5648a017f911fec5bb38e17  2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.x86_64.rpm
 3f8ec5ea217e2da57fe2496a790cf613  2010.1/x86_64/samba-server-3.5.3-3.5mdv2010.2.x86_64.rpm
 ed0292f244641a730a30c6b5adfce0cb  2010.1/x86_64/samba-swat-3.5.3-3.5mdv2010.2.x86_64.rpm
 da63310faa0984097e4db35aafdb6af1  2010.1/x86_64/samba-winbind-3.5.3-3.5mdv2010.2.x86_64.rpm 
 4c72879b63802de52b63ed7b83d4a918  2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm

 Mandriva Linux 2011:
 2ece08d6baf00f820370996304a7f464  2011/i586/libnetapi0-3.5.10-1.2-mdv2011.0.i586.rpm
 391e0e83b2156f92bf06057ab44336e6  2011/i586/libnetapi-devel-3.5.10-1.2-mdv2011.0.i586.rpm
 e6db8597c80e0f52fd8571ae20a2a07c  2011/i586/libsmbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
 550c87c7ab33576ffd4dab2ba0c6d57b  2011/i586/libsmbclient0-devel-3.5.10-1.2-mdv2011.0.i586.rpm
 50004feba2de339c2c0d5a53a3b9a25f  2011/i586/libsmbclient0-static-devel-3.5.10-1.2-mdv2011.0.i586.rpm
 0d73a396ea85b9efe9eb9103a4a506a3  2011/i586/libsmbsharemodes0-3.5.10-1.2-mdv2011.0.i586.rpm
 b2fc366a39db8452d49b29aa87c0c3b1  2011/i586/libsmbsharemodes-devel-3.5.10-1.2-mdv2011.0.i586.rpm
 4758e5dd9bcdc9a691cb9ffb11cbcc37  2011/i586/libwbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
 597f5729e0a9720bbdea9a78784bd9d9  2011/i586/libwbclient-devel-3.5.10-1.2-mdv2011.0.i586.rpm
 79a52dd2215429b2a09253de672eb272  2011/i586/mount-cifs-3.5.10-1.2-mdv2011.0.i586.rpm
 caa88a84173b74f2382fed9816b67ad3  2011/i586/nss_wins-3.5.10-1.2-mdv2011.0.i586.rpm
 adcb26cca8e20413971f83858e613ca8  2011/i586/samba-client-3.5.10-1.2-mdv2011.0.i586.rpm
 e23764ffc762ca871bb314906989e656  2011/i586/samba-common-3.5.10-1.2-mdv2011.0.i586.rpm
 8c6077e30c837078cdd2accaf5f0b80b  2011/i586/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
 bba48e5ecc36ddce12571d081c75b96a  2011/i586/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.i586.rpm
 0ae58d4eab55baf06aab27ed1dacf8b5  2011/i586/samba-server-3.5.10-1.2-mdv2011.0.i586.rpm
 e4aeea5e4368292c8dd242829ea9cfd6  2011/i586/samba-swat-3.5.10-1.2-mdv2011.0.i586.rpm
 4d4eb5129e72ddbdf7e695c5d4023d14  2011/i586/samba-winbind-3.5.10-1.2-mdv2011.0.i586.rpm 
 43d6e58b17cf2f9c6eddc2c5162042ae  2011/SRPMS/samba-3.5.10-1.2.src.rpm

 Mandriva Linux 2011/X86_64:
 8e8379f1c13346f05b73dda02f1dd8d4  2011/x86_64/lib64netapi0-3.5.10-1.2-mdv2011.0.x86_64.rpm
 58293f1655f7aa5fa263b949c2e19c45  2011/x86_64/lib64netapi-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
 b6a4602bbbd5aec74ec7d9186056b2e2  2011/x86_64/lib64smbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
 d8d2b44cdec07717a8b69a9d25cf34a4  2011/x86_64/lib64smbclient0-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
 a94819d1a6a845d88d227e8049fe68ff  2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
 f0a0f8cd3949b4867d3c76c618a5fb11  2011/x86_64/lib64smbsharemodes0-3.5.10-1.2-mdv2011.0.x86_64.rpm
 b32422d1dfd65572ebed6dc66ac7209d  2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
 910b81c895ff651eeca1f78443c1ec17  2011/x86_64/lib64wbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
 a76a2ed3a3d013d096d42621dcf2daaa  2011/x86_64/lib64wbclient-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
 c64d43b8616c133d5a6acbec19decad2  2011/x86_64/mount-cifs-3.5.10-1.2-mdv2011.0.x86_64.rpm
 af87db22f74156d2daa4bf2d8cafaaaa  2011/x86_64/nss_wins-3.5.10-1.2-mdv2011.0.x86_64.rpm
 a9df74cc2e94bc26c335cca2c128b674  2011/x86_64/samba-client-3.5.10-1.2-mdv2011.0.x86_64.rpm
 d723b14c7f44582905cf5f061f98e959  2011/x86_64/samba-common-3.5.10-1.2-mdv2011.0.x86_64.rpm
 6b4c30fe785206e3d492ba14a321bdf5  2011/x86_64/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
 1c96c6dace7d31700f90880589ee26d3  2011/x86_64/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.x86_64.rpm
 b9de9445a2b129b1ab8e8da10f0d3d19  2011/x86_64/samba-server-3.5.10-1.2-mdv2011.0.x86_64.rpm
 44edbe0f928a3a0cfdb3e90b1cbfece8  2011/x86_64/samba-swat-3.5.10-1.2-mdv2011.0.x86_64.rpm
 6a2e42f81bc0d0c3554d601981f874a2  2011/x86_64/samba-winbind-3.5.10-1.2-mdv2011.0.x86_64.rpm 
 43d6e58b17cf2f9c6eddc2c5162042ae  2011/SRPMS/samba-3.5.10-1.2.src.rpm

 Mandriva Enterprise Server 5:
 7a1d4e2588013fae490cba76c2bd2234  mes5/i586/libnetapi0-3.3.12-0.9mdvmes5.2.i586.rpm
 ad114d018b79cafebb33d0afd53097fc  mes5/i586/libnetapi-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 2d33714f2a135a597ed3f5256472a95d  mes5/i586/libsmbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
 eda2371679144117ea1e77277f12c37d  mes5/i586/libsmbclient0-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 53ab484f0c8891e700ea10f09fdedae0  mes5/i586/libsmbclient0-static-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 d2c8ecd7fb50314aa6929dc358dee526  mes5/i586/libsmbsharemodes0-3.3.12-0.9mdvmes5.2.i586.rpm
 feda8de36a0ed4111c5c41aa47f95fc6  mes5/i586/libsmbsharemodes-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 1414741281e22ca6dfdb12af8459c63d  mes5/i586/libtalloc1-3.3.12-0.9mdvmes5.2.i586.rpm
 6e17ce41a00989e07280fbdd96088cdf  mes5/i586/libtalloc-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 d6c1fdb5e1c573116d4b3a33b3aeb320  mes5/i586/libtdb1-3.3.12-0.9mdvmes5.2.i586.rpm
 cb44eb86989bae64095541066f06f35c  mes5/i586/libtdb-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 ec4532f047b2da1394bd802eb67e60f9  mes5/i586/libwbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
 9666097df96e9195455a2147908b7043  mes5/i586/libwbclient-devel-3.3.12-0.9mdvmes5.2.i586.rpm
 c6b8f6647f919ab2cbbe81e0de74a401  mes5/i586/mount-cifs-3.3.12-0.9mdvmes5.2.i586.rpm
 0e05dd31949540545a9864c4b282588e  mes5/i586/nss_wins-3.3.12-0.9mdvmes5.2.i586.rpm
 f0d5bb15fed6a4056175f419fb50e47e  mes5/i586/samba-client-3.3.12-0.9mdvmes5.2.i586.rpm
 20c4cdec0b728d6bd975684e6b8a9efc  mes5/i586/samba-common-3.3.12-0.9mdvmes5.2.i586.rpm
 dd8c337420a8f98b769b47a696d5923b  mes5/i586/samba-doc-3.3.12-0.9mdvmes5.2.i586.rpm
 efba0f8100a63041d8d16608314f5439  mes5/i586/samba-server-3.3.12-0.9mdvmes5.2.i586.rpm
 b68b108b9637c9fb4d8b5e3030b539a7  mes5/i586/samba-swat-3.3.12-0.9mdvmes5.2.i586.rpm
 0ea3f96b495075f00be667c7f659e674  mes5/i586/samba-winbind-3.3.12-0.9mdvmes5.2.i586.rpm 
 24d8a954cf8f2b5a7a034338b106791c  mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 545843ddaef8e31902a63d24ea1806f4  mes5/x86_64/lib64netapi0-3.3.12-0.9mdvmes5.2.x86_64.rpm
 b50e3c389f3bc667a0a3a68dfec90761  mes5/x86_64/lib64netapi-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 2f2e273e4351768b6441301b31f4920d  mes5/x86_64/lib64smbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
 408b325ffcdd165f18f856ec3982a74a  mes5/x86_64/lib64smbclient0-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 992e8d328b483a2d0bb1cb347fdcd889  mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 122979a46ebbabf10f8e982829f56004  mes5/x86_64/lib64smbsharemodes0-3.3.12-0.9mdvmes5.2.x86_64.rpm
 8ac2e7f26ef202f44b4bc5f88fa033a2  mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 08c109c58ece0602a7a860a71496cb98  mes5/x86_64/lib64talloc1-3.3.12-0.9mdvmes5.2.x86_64.rpm
 d4941beba2ec0143de0fcc5ff9e446e4  mes5/x86_64/lib64talloc-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 c489b3efc90813ef3f94345791359a02  mes5/x86_64/lib64tdb1-3.3.12-0.9mdvmes5.2.x86_64.rpm
 94d9ad3a330aff051fb4ed478348818b  mes5/x86_64/lib64tdb-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 66187cc6e379dccd47d4664e4b51f745  mes5/x86_64/lib64wbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
 7ccdbd98aa4388c207cc694f629f1a8b  mes5/x86_64/lib64wbclient-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
 46c2e7cffbd2b16fa6fe4cb80b8ae217  mes5/x86_64/mount-cifs-3.3.12-0.9mdvmes5.2.x86_64.rpm
 e93fb62b5d2669e00a5e8537d9538d03  mes5/x86_64/nss_wins-3.3.12-0.9mdvmes5.2.x86_64.rpm
 aec52d59f0949e615de84f89b716c740  mes5/x86_64/samba-client-3.3.12-0.9mdvmes5.2.x86_64.rpm
 74ca1045837e067fc16b35f5a9c8a959  mes5/x86_64/samba-common-3.3.12-0.9mdvmes5.2.x86_64.rpm
 b424fdd77ed7e79cc27262008efddc50  mes5/x86_64/samba-doc-3.3.12-0.9mdvmes5.2.x86_64.rpm
 711e19975e821852033e9badead55a9d  mes5/x86_64/samba-server-3.3.12-0.9mdvmes5.2.x86_64.rpm
 ce12e60f6e6950c919b3da333b3a2e07  mes5/x86_64/samba-swat-3.3.12-0.9mdvmes5.2.x86_64.rpm
 88406e56abedc8fd56da938f9a116304  mes5/x86_64/samba-winbind-3.3.12-0.9mdvmes5.2.x86_64.rpm 
 24d8a954cf8f2b5a7a034338b106791c  mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Today's Security Hacks Are After More Than Bank Info
How Boston Children's Hospital Hit Back at Anonymous
SNMP DDoS Scans Spoof Google Public DNS Server
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.