|
|
Log in / Subscribe / Register

samba: privilege escalation

Package(s):samba CVE #(s):CVE-2012-2111
Created:May 1, 2012 Updated:May 7, 2012
Description: From the CVE entry:

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.

Alerts:
Gentoo 201206-22 samba 2012-06-24
SUSE SUSE-SU-2012:0591-1 Samba 2012-05-07
openSUSE openSUSE-SU-2012:0583-1 samba 2012-05-04
Fedora FEDORA-2012-7006 samba 2012-05-03
Fedora FEDORA-2012-6999 samba 2012-05-03
Debian DSA-2463-1 samba 2012-05-02
Oracle ELSA-2012-0533 samba 2012-05-01
Oracle ELSA-2012-0533 samba 2012-05-01
Ubuntu USN-1434-1 samba 2012-05-01
Mandriva MDVSA-2012:067 samba 2012-05-01
CentOS CESA-2012:0533 samba 2012-05-01
SUSE SUSE-SU-2012:0575-1 Samba 2012-05-01
SUSE SUSE-SU-2012:0573-1 Samba 2012-05-01
Scientific Linux SL-samb-20120430 samba 2012-04-30
CentOS CESA-2012:0533 samba 2012-04-30
Red Hat RHSA-2012:0533-01 samba 2012-04-30
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds