drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in Samba
Name: |
Mangelnde Rechteprüfung in Samba |
|
ID: |
USN-1434-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Di, 1. Mai 2012, 14:58 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 |
|
Applikationen: |
Samba |
|
Originalnachricht |
--===============7895619225675275911== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline
--qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-1434-1 May 01, 2012
samba vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS
Summary:
Samba could allow a user to gain administrative privileges to the Samba server.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
Ivano Cristofolini discovered that Samba incorrectly handled some Local Security Authority (LSA) remote procedure calls (RPC). A remote, authenticated attacker could exploit this to grant administrative privileges to arbitrary users. The administrative privileges could be used to bypass permission checks performed by the Samba server.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: samba 2:3.6.3-2ubuntu2.1
Ubuntu 11.10: samba 2:3.5.11~dfsg-1ubuntu2.3
Ubuntu 11.04: samba 2:3.5.8~dfsg-1ubuntu2.5
Ubuntu 10.04 LTS: samba 2:3.4.7~dfsg-1ubuntu3.10
After a standard system update you may need to review the privileges of Samba user accounts.
References: http://www.ubuntu.com/usn/usn-1434-1 CVE-2012-2111
Package Information: https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.1 https://launchpad.net/ubuntu/+source/samba/2:3.5.11~dfsg-1ubuntu2.3 https://launchpad.net/ubuntu/+source/samba/2:3.5.8~dfsg-1ubuntu2.5 https://launchpad.net/ubuntu/+source/samba/2:3.4.7~dfsg-1ubuntu3.10
--qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIbBAEBCgAGBQJPn5HaAAoJENaSAD2qAscKrSwP+MHswfkl+o55P/CJaHeZa/h+ fm/DVMmXovM9wKAUCJO3YEqE7hJ+1BT9fXGr/AbDoVUKnn0hk6ilHsVpaDx95x7d O2cng4I9+UTM7gYldmHVWZmxfh+IWovHipvPXm+rFFu2a2THREEbEIa6gNbeNh2E AkjiQY40HpohxMcygYb3JpG/WsRoFBgFbIviOvJBsP/ebvZoba6NgooI6AFTQQ6F Q1a8oFCEBSo8mqityXS11aTrY/e+qJ87vmfI0E6iB/+coAybDZZekHbqJrjUmiPS fbwFZSH0x5zu15/LDwd21D1O/vpYlaA6gsWQsKmdLH8RDROIUvVYmtTKC/oxwnA2 IawP2HB8alpCcRelEbMfiVG14hFnKSlDhZCK6NFYgjjiUgIAKfEE+xGjBVIMGYpw shLq6hO1b2xGbcW8MwamdD2UMO/lX05+uhT3LT67VzRobP3fn1T5QQ0VFgw6IKrO dl5LWxbghqeSh7C88tmidR810bcjHLcjlFdh/b1I0TvMZPoqPj1hW63hJsV539bC XFnlYtgqQQATL7HKU5qZy7a+mzPqDqFGLbo5THrCFRqrCJfURIWTCW3gQQwD6AdY 8gnFXBVmDXOGJxLH5LNEMGqeA9QQtNJPW2B85Y1N2plKFGZOVEQuVJFYznvxrEAs D517Ny8CVfHrCCUdSOI= =iJBu -----END PGP SIGNATURE-----
--qMm9M+Fa2AknHoGS--
--===============7895619225675275911== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7895619225675275911==--
|
|
|
|