Ausführen beliebiger Kommandos in Samba
ID: | USN-1374-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 8.04 LTS |
Datum: | Fr, 24. Februar 2012, 16:32 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 |
Applikationen: | Samba |
Originalnachricht |
|
--===============0476436308085455399== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-In9okCcXcw1ZoU77Rcha" --=-In9okCcXcw1ZoU77Rcha Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-1374-1 February 24, 2012 samba vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 8.04 LTS Summary: Samba could be made to crash or run programs if it received specially crafted network traffic. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: Andy Davis discovered that Samba incorrectly handled certain AndX offsets. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 8.04 LTS: samba 3.0.28a-1ubuntu4.17 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1374-1 CVE-2012-0870 Package Information: https://launchpad.net/ubuntu/+source/samba/3.0.28a-1ubuntu4.17 --Òn9okCcXcw1ZoU77Rcha Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAABCgAGBQJPR6rMAAoJEGVp2FWnRL6TtpgP/jFl5RjVj5gtXJtxMciXukc7 g8Sj+9b7OPuTHMZn6rMsPhFTfFi0GKYt64o2zCdJm9aD2FqiLxQnrfImAnHlka08 2KkXg9WqmBLS1+8I05Al42n/xH7VPefF3CbJzL0k4ByXJFszBUugAVsfBpJ5tIkg 3u0VGgdD3fr0/8fMRrtxiiXXvq7lrKu0TGiDt+xvjp4Hgc7ZaoHYEToW/jAfqSHn Og5apnl4UcKlPo11MNQi28PhuKnkCCZWf+oDE8Oe9bVZpxxUe4Rrdx1JMyNlG66f mv92GRRvFDg/zxTLfegcIbGbwPnWl//u4jmQRdvjQ0o1XVAsnzfaBRBNEhWyRqLB VgoWCckEQNjSgoe/KbkWGzKQTKoQWP8yIPuMk9dJLJ8YHP+y3WB8ZuwG/yEy63HV 0ADp47qjAbEvAAJrRRredgqyZSBjHr76NswVkqNHU5I7S/itpkOwpN5zSoG7j2ru R4xd/sUXvuMCm0eNrcP/jTHL1I6/h4M0gSFnjoEzg1E40YwW1IJCtggQaE2SPZrz i4TY7KMtUVNctghr6pAw+GCzKnvFjs2y3HiFvErOx7IjQDs0kny/jCJbyHucN47n svsrSQVqM7mwisYzmXrbyfdwzQ7XQlg/9yyufJMiONCutplZCFJrGkH6pJfP5+t+ O1Mz5CIjjQpFYkQKU/ZB =5HC5 -----END PGP SIGNATURE----- --=-In9okCcXcw1ZoU77Rcha-- --===============0476436308085455399== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============0476436308085455399==-- |