(RHSA-2012:0332) Critical: samba security update

2012-02-2300:00:00

access.redhat.com

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.959 High

EPSS

Percentile

99.3%

JSON

Samba is a suite of programs used by machines to share files, printers, and
other information.

An input validation flaw was found in the way Samba handled Any Batched
(AndX) requests. A remote, unauthenticated attacker could send a
specially-crafted SMB packet to the Samba server, possibly resulting in
arbitrary code execution with the privileges of the Samba server (root).
(CVE-2012-0870)

Red Hat would like to thank the Samba team for reporting this issue.
Upstream acknowledges Andy Davis of NGS Secure as the original reporter.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the smb service will be restarted automatically.

OSVersionArchitecturePackageVersionFilename
RedHat5s390xsamba-common< 3.0.33-3.38.el5_8samba-common-3.0.33-3.38.el5_8.s390x.rpm
RedHat5ia64samba-common< 3.0.33-3.29.el5_6.4samba-common-3.0.33-3.29.el5_6.4.ia64.rpm
RedHat4i386samba-swat< 3.0.33-0.35.el4samba-swat-3.0.33-0.35.el4.i386.rpm
RedHat5i386samba-swat< 3.0.33-3.29.el5_6.4samba-swat-3.0.33-3.29.el5_6.4.i386.rpm
RedHat5i386samba< 3.0.33-3.29.el5_6.4samba-3.0.33-3.29.el5_6.4.i386.rpm
RedHat5ppcsamba-debuginfo< 3.0.33-3.38.el5_8samba-debuginfo-3.0.33-3.38.el5_8.ppc.rpm
RedHat5ppc64samba-common< 3.0.33-3.29.el5_6.4samba-common-3.0.33-3.29.el5_6.4.ppc64.rpm
RedHat5s390xsamba-swat< 3.0.33-3.29.el5_6.4samba-swat-3.0.33-3.29.el5_6.4.s390x.rpm
RedHat5s390xlibsmbclient< 3.0.33-3.29.el5_6.4libsmbclient-3.0.33-3.29.el5_6.4.s390x.rpm
RedHat5ia64libsmbclient< 3.0.33-3.29.el5_6.4libsmbclient-3.0.33-3.29.el5_6.4.ia64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	s390x	samba-common	< 3.0.33-3.38.el5_8	samba-common-3.0.33-3.38.el5_8.s390x.rpm
RedHat	5	ia64	samba-common	< 3.0.33-3.29.el5_6.4	samba-common-3.0.33-3.29.el5_6.4.ia64.rpm
RedHat	4	i386	samba-swat	< 3.0.33-0.35.el4	samba-swat-3.0.33-0.35.el4.i386.rpm
RedHat	5	i386	samba-swat	< 3.0.33-3.29.el5_6.4	samba-swat-3.0.33-3.29.el5_6.4.i386.rpm
RedHat	5	i386	samba	< 3.0.33-3.29.el5_6.4	samba-3.0.33-3.29.el5_6.4.i386.rpm
RedHat	5	ppc	samba-debuginfo	< 3.0.33-3.38.el5_8	samba-debuginfo-3.0.33-3.38.el5_8.ppc.rpm
RedHat	5	ppc64	samba-common	< 3.0.33-3.29.el5_6.4	samba-common-3.0.33-3.29.el5_6.4.ppc64.rpm
RedHat	5	s390x	samba-swat	< 3.0.33-3.29.el5_6.4	samba-swat-3.0.33-3.29.el5_6.4.s390x.rpm
RedHat	5	s390x	libsmbclient	< 3.0.33-3.29.el5_6.4	libsmbclient-3.0.33-3.29.el5_6.4.s390x.rpm
RedHat	5	ia64	libsmbclient	< 3.0.33-3.29.el5_6.4	libsmbclient-3.0.33-3.29.el5_6.4.ia64.rpm