LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 26th, 2014
Linux Security Week: September 22nd, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:067: samba Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority (LSA) remote proceedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:067
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : samba
 Date    : May 1, 2012
 Affected: 2010.1, 2011.
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in samba:
 
 Security checks were incorrectly applied to the Local Security
 Authority (LSA) remote proceedure calls (RPC) CreateAccount,
 OpenAccount, AddAccountRights and RemoveAccountRights allowing any
 authenticated user to modify the privileges database (CVE-2012-2111).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
 http://www.samba.org/samba/security/CVE-2012-2111
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 b0c16888573af1114e9ad0bfde46808b  2010.1/i586/libnetapi0-3.5.3-3.6mdv2010.2.i586.rpm
 7c98470fb3a8c4081ebaf10f0c1332bb  2010.1/i586/libnetapi-devel-3.5.3-3.6mdv2010.2.i586.rpm
 fb64c34589ac83010bc471489911fb2f  2010.1/i586/libsmbclient0-3.5.3-3.6mdv2010.2.i586.rpm
 ea8dee1fc52bad7595724def30a6fd69  2010.1/i586/libsmbclient0-devel-3.5.3-3.6mdv2010.2.i586.rpm
 986549d1f25d8c5c870eaf87b9e7cf08  2010.1/i586/libsmbclient0-static-devel-3.5.3-3.6mdv2010.2.i586.rpm
 19b33f2132413cf36031f8d7d0f6f5c4  2010.1/i586/libsmbsharemodes0-3.5.3-3.6mdv2010.2.i586.rpm
 145adf5071677e950fc071e894e45bd9  2010.1/i586/libsmbsharemodes-devel-3.5.3-3.6mdv2010.2.i586.rpm
 ca052c237ab25c02f7366888ed6bde33  2010.1/i586/libwbclient0-3.5.3-3.6mdv2010.2.i586.rpm
 b401a4c10ad4ff5b1b6209c43d0369fe  2010.1/i586/libwbclient-devel-3.5.3-3.6mdv2010.2.i586.rpm
 e7f118657fea080c43a0a6377eb02d10  2010.1/i586/mount-cifs-3.5.3-3.6mdv2010.2.i586.rpm
 cfb25b984affc20ff7b32245558a86bd  2010.1/i586/nss_wins-3.5.3-3.6mdv2010.2.i586.rpm
 58b2405220ad8f461968d9213167b25c  2010.1/i586/samba-client-3.5.3-3.6mdv2010.2.i586.rpm
 f790e91505f6e5b7cb7905a82ec37ab1  2010.1/i586/samba-common-3.5.3-3.6mdv2010.2.i586.rpm
 73ad8d9bc99d605e7a3cf1e862b5acb7  2010.1/i586/samba-doc-3.5.3-3.6mdv2010.2.i586.rpm
 72efce39b1ecf4f1fce38bbfb5d52a73  2010.1/i586/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.i586.rpm
 2a912520751bd6ee71cd3d7a2bcd652a  2010.1/i586/samba-server-3.5.3-3.6mdv2010.2.i586.rpm
 f900b32e99a90b0e4b02f78739aec352  2010.1/i586/samba-swat-3.5.3-3.6mdv2010.2.i586.rpm
 3416b4b6a0b581cee20ca92135cb81a9  2010.1/i586/samba-winbind-3.5.3-3.6mdv2010.2.i586.rpm 
 aa719946518e4cde4a7e246707447037  2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 4555cdf1cf1e309adf310020a0c2bacd  2010.1/x86_64/lib64netapi0-3.5.3-3.6mdv2010.2.x86_64.rpm
 4324676ed91aff0cc726b5b1c9699914  2010.1/x86_64/lib64netapi-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
 6cad4c5c96ecf4aff1535461321381da  2010.1/x86_64/lib64smbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
 89a56321c42cc94b4a8748d33d20b3cd  2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
 e2ab03c50e2daa90011cb12a7b3260e6  2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
 a1f6db735b484608a9adb6d71b2c6bf9  2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.6mdv2010.2.x86_64.rpm
 2316afe1be6ac09e8985447f906d78d1  2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
 7e20f319a9fbbf7eeb251adfc103bb22  2010.1/x86_64/lib64wbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
 49604738194c0f13c268c79acfa3ed96  2010.1/x86_64/lib64wbclient-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
 e02391b2c8676786ea21268380e0c267  2010.1/x86_64/mount-cifs-3.5.3-3.6mdv2010.2.x86_64.rpm
 c0bf73ba14ce610beeb84340d3dc3ff7  2010.1/x86_64/nss_wins-3.5.3-3.6mdv2010.2.x86_64.rpm
 e091ae55c4018bb218dfeafcc57620a3  2010.1/x86_64/samba-client-3.5.3-3.6mdv2010.2.x86_64.rpm
 79d7d55c5413db0c5143d3aadaed9498  2010.1/x86_64/samba-common-3.5.3-3.6mdv2010.2.x86_64.rpm
 5164c31f03228f112ea76d2abbbe1cc6  2010.1/x86_64/samba-doc-3.5.3-3.6mdv2010.2.x86_64.rpm
 92cd364fa5d300b86484eb967b960bc3  2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.x86_64.rpm
 8e928172bb0b614635e01c52d05f96a9  2010.1/x86_64/samba-server-3.5.3-3.6mdv2010.2.x86_64.rpm
 c2615e1db28f1eefb713c115e82e8ba8  2010.1/x86_64/samba-swat-3.5.3-3.6mdv2010.2.x86_64.rpm
 25a7e8cad30bf78f9ea217cc68e27a1a  2010.1/x86_64/samba-winbind-3.5.3-3.6mdv2010.2.x86_64.rpm 
 aa719946518e4cde4a7e246707447037  2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm

 Mandriva Linux 2011:
 cff0ff110611aa92de13e1e6d21047d1  2011/i586/libnetapi0-3.5.10-1.3-mdv2011.0.i586.rpm
 089dc3e2e37fe8ee0a3ad0385ae03e6b  2011/i586/libnetapi-devel-3.5.10-1.3-mdv2011.0.i586.rpm
 04954a46b3938198545553a644bf01f0  2011/i586/libsmbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
 89d114cddad50da83a4d53d513441e47  2011/i586/libsmbclient0-devel-3.5.10-1.3-mdv2011.0.i586.rpm
 3909db914cdbbf99edf58c6795b5dff8  2011/i586/libsmbclient0-static-devel-3.5.10-1.3-mdv2011.0.i586.rpm
 cec79a0acd368786713468870122f4f3  2011/i586/libsmbsharemodes0-3.5.10-1.3-mdv2011.0.i586.rpm
 d3c78587799b381737b0feb00e50f287  2011/i586/libsmbsharemodes-devel-3.5.10-1.3-mdv2011.0.i586.rpm
 994f5c96f6c4d87b66d77efe9aededd0  2011/i586/libwbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
 9250693ddfb45284676f1fe1f037791f  2011/i586/libwbclient-devel-3.5.10-1.3-mdv2011.0.i586.rpm
 88a93a320f0785258f3b3915589bd7d2  2011/i586/mount-cifs-3.5.10-1.3-mdv2011.0.i586.rpm
 b568d3cac9ee0dbe647e86b1e5579d3f  2011/i586/nss_wins-3.5.10-1.3-mdv2011.0.i586.rpm
 4b62e10c477f054e1b1108f1de52e9ba  2011/i586/samba-client-3.5.10-1.3-mdv2011.0.i586.rpm
 15e3ab4b525a3e09c5e81724e53d16da  2011/i586/samba-common-3.5.10-1.3-mdv2011.0.i586.rpm
 7e6028bcd35c577ef1921ac2569690b9  2011/i586/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
 0dc103d9ee84e0f249cc89344e278143  2011/i586/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.i586.rpm
 66c78b0f067f3fd2209ab7e1b970c68e  2011/i586/samba-server-3.5.10-1.3-mdv2011.0.i586.rpm
 f302f1867604fafbf74d74e09604a71b  2011/i586/samba-swat-3.5.10-1.3-mdv2011.0.i586.rpm
 0d0d8649d3d426c5f8cc50c31c76f8c8  2011/i586/samba-winbind-3.5.10-1.3-mdv2011.0.i586.rpm 
 be1dff8504d05199b02576691f5ae86b  2011/SRPMS/samba-3.5.10-1.3.src.rpm

 Mandriva Linux 2011/X86_64:
 1a851b2f20ee67453467a23727a2424a  2011/x86_64/lib64netapi0-3.5.10-1.3-mdv2011.0.x86_64.rpm
 44603aa8df1c8307a3deccf291e42f7b  2011/x86_64/lib64netapi-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
 556104aef89a4b9ebd9bb66a833236d0  2011/x86_64/lib64smbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
 0d5dc0adf88bd341f7218585e7e33228  2011/x86_64/lib64smbclient0-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
 38ea7589c0013ffada677dfe2def0e98  2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
 b04f159a984c3b693ff89b7cc179136d  2011/x86_64/lib64smbsharemodes0-3.5.10-1.3-mdv2011.0.x86_64.rpm
 50ea8303bebbc5c751ab911d539b8535  2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
 8d80e36d55a5609504bdd0bfca353b5c  2011/x86_64/lib64wbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
 e8ac81e9b840ffc2449af46e8824156b  2011/x86_64/lib64wbclient-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
 0904a4afc0df9a00839b90a5bf92f2e0  2011/x86_64/mount-cifs-3.5.10-1.3-mdv2011.0.x86_64.rpm
 0e60aefdd6f434a0889013246f1471a0  2011/x86_64/nss_wins-3.5.10-1.3-mdv2011.0.x86_64.rpm
 8ecb1369ad46eae88cf8d273b0cbad07  2011/x86_64/samba-client-3.5.10-1.3-mdv2011.0.x86_64.rpm
 e4b3cc6e3a32b33012c36a17f7ab4b1d  2011/x86_64/samba-common-3.5.10-1.3-mdv2011.0.x86_64.rpm
 b6511465523ffd89ff81f7f528eb3335  2011/x86_64/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
 34abf2242369315d0346d26509b6efbf  2011/x86_64/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.x86_64.rpm
 f412fafe8607022394bb6ec927f966b0  2011/x86_64/samba-server-3.5.10-1.3-mdv2011.0.x86_64.rpm
 f896be75e59f63a3e207ab66f5c5a870  2011/x86_64/samba-swat-3.5.10-1.3-mdv2011.0.x86_64.rpm
 01821aace53b923c7ad4a1bc096fd456  2011/x86_64/samba-winbind-3.5.10-1.3-mdv2011.0.x86_64.rpm 
 be1dff8504d05199b02576691f5ae86b  2011/SRPMS/samba-3.5.10-1.3.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Honeypot Snares Two Bots Exploiting Bash Vulnerability
CloudFlare Rolls Out Free SSL
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.