Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in Samba
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in Samba
ID: USN-1374-1
Distribution: Ubuntu
Plattformen: Ubuntu 8.04 LTS
Datum: Fr, 24. Februar 2012, 16:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
Applikationen: Samba

Originalnachricht


--===============0476436308085455399==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-In9okCcXcw1ZoU77Rcha"


--=-In9okCcXcw1ZoU77Rcha
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1374-1
February 24, 2012

samba vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 8.04 LTS

Summary:

Samba could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Andy Davis discovered that Samba incorrectly handled certain AndX offsets.
A remote attacker could send a specially crafted request to the server and
cause a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 8.04 LTS:
samba 3.0.28a-1ubuntu4.17

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1374-1
CVE-2012-0870

Package Information:
https://launchpad.net/ubuntu/+source/samba/3.0.28a-1ubuntu4.17



--Òn9okCcXcw1ZoU77Rcha
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJPR6rMAAoJEGVp2FWnRL6TtpgP/jFl5RjVj5gtXJtxMciXukc7
g8Sj+9b7OPuTHMZn6rMsPhFTfFi0GKYt64o2zCdJm9aD2FqiLxQnrfImAnHlka08
2KkXg9WqmBLS1+8I05Al42n/xH7VPefF3CbJzL0k4ByXJFszBUugAVsfBpJ5tIkg
3u0VGgdD3fr0/8fMRrtxiiXXvq7lrKu0TGiDt+xvjp4Hgc7ZaoHYEToW/jAfqSHn
Og5apnl4UcKlPo11MNQi28PhuKnkCCZWf+oDE8Oe9bVZpxxUe4Rrdx1JMyNlG66f
mv92GRRvFDg/zxTLfegcIbGbwPnWl//u4jmQRdvjQ0o1XVAsnzfaBRBNEhWyRqLB
VgoWCckEQNjSgoe/KbkWGzKQTKoQWP8yIPuMk9dJLJ8YHP+y3WB8ZuwG/yEy63HV
0ADp47qjAbEvAAJrRRredgqyZSBjHr76NswVkqNHU5I7S/itpkOwpN5zSoG7j2ru
R4xd/sUXvuMCm0eNrcP/jTHL1I6/h4M0gSFnjoEzg1E40YwW1IJCtggQaE2SPZrz
i4TY7KMtUVNctghr6pAw+GCzKnvFjs2y3HiFvErOx7IjQDs0kny/jCJbyHucN47n
svsrSQVqM7mwisYzmXrbyfdwzQ7XQlg/9yyufJMiONCutplZCFJrGkH6pJfP5+t+
O1Mz5CIjjQpFYkQKU/ZB
=5HC5
-----END PGP SIGNATURE-----

--=-In9okCcXcw1ZoU77Rcha--



--===============0476436308085455399==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0476436308085455399==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung