Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2012:0533
HistoryApr 30, 2012 - 12:00 a.m.

(RHSA-2012:0533) Important: samba and samba3x security update

2012-04-3000:00:00
access.redhat.com
13

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

70.3%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

A flaw was found in the way Samba handled certain Local Security Authority
(LSA) Remote Procedure Calls (RPC). An authenticated user could use this
flaw to issue an RPC call that would modify the privileges database on the
Samba server, allowing them to steal the ownership of files and directories
that are being shared by the Samba server, and create, delete, and modify
user accounts, as well as other Samba server administration tasks.
(CVE-2012-2111)

Red Hat would like to thank the Samba project for reporting this issue.
Upstream acknowledges Ivano Cristofolini as the original reporter.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the smb service will be restarted automatically.

OSVersionArchitecturePackageVersionFilename
RedHat6s390samba-common< 3.5.10-116.el6_2samba-common-3.5.10-116.el6_2.s390.rpm
RedHat6i686samba-domainjoin-gui< 3.5.10-116.el6_2samba-domainjoin-gui-3.5.10-116.el6_2.i686.rpm
RedHat5i386samba3x-winbind< 3.5.10-0.109.el5_8samba3x-winbind-3.5.10-0.109.el5_8.i386.rpm
RedHat6s390xsamba-client< 3.5.10-116.el6_2samba-client-3.5.10-116.el6_2.s390x.rpm
RedHat6i686samba-swat< 3.5.10-116.el6_2samba-swat-3.5.10-116.el6_2.i686.rpm
RedHat6i686libsmbclient< 3.5.10-116.el6_2libsmbclient-3.5.10-116.el6_2.i686.rpm
RedHat6ppcsamba-debuginfo< 3.5.10-116.el6_2samba-debuginfo-3.5.10-116.el6_2.ppc.rpm
RedHat6ppc64samba-client< 3.5.10-116.el6_2samba-client-3.5.10-116.el6_2.ppc64.rpm
RedHat5ppcsamba3x-winbind< 3.5.10-0.109.el5_8samba3x-winbind-3.5.10-0.109.el5_8.ppc.rpm
RedHat6s390samba-winbind-devel< 3.5.10-116.el6_2samba-winbind-devel-3.5.10-116.el6_2.s390.rpm
Rows per page:
1-10 of 1101

Related

openvas 33
nessus 18
securityvulns 3
fedora 7
ubuntu 1
osv 1
veracode 1
samba 1
ibm 2
suse 4
freebsd 1
oraclelinux 1
debian 1
debiancve 1
altlinux 1
prion 1
cve 1
centos 1
ubuntucve 1
gentoo 1
openvas
openvas
Fedora Update for openchange FEDORA-2012-7317
2012-08-30 00:00:00
SuSE Update for update openSUSE-SU-2012:0583-1 (update)
2012-12-13 00:00:00
CentOS Update for samba3x CESA-2012:0533 centos5
2012-07-30 00:00:00
nessus
nessus
RHEL 5 / 6 : samba and samba3x (RHSA-2012:0533)
2012-05-01 00:00:00
SuSE 11.2 Security Update : Samba (SAT Patch Number 6211)
2012-05-01 00:00:00
openSUSE Security Update : samba (openSUSE-SU-2012:0583-1)
2014-06-13 00:00:00
securityvulns
securityvulns
Samba privilege escalation
2012-05-10 00:00:00
[ MDVSA-2012:067 ] samba
2012-05-10 00:00:00
HP System Management Homepage multiple security vulnerabilities
2013-07-19 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openchange-1.0-6.fc17
2012-05-08 04:16:26
[SECURITY] Fedora 17 Update: samba4-4.0.0-47alpha18.fc17
2012-05-08 04:16:26
[SECURITY] Fedora 17 Update: samba-3.6.5-85.fc17.1
2012-05-02 20:57:30
ubuntu
ubuntu
Samba vulnerability
2012-05-01 00:00:00
osv
osv
samba - missing permission checks
2012-05-02 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:51:03
samba
samba
Incorrect permission checks when granting/removing
2012-04-30 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified Fix Available for Incorrect Permission Checks when Granting/Removing Privilege (CVE-2012-2111)
2022-09-26 04:23:14
Security Bulletin: SONAS Fix Available for Incorrect Permission Checks when Granting/Removing Privilege (CVE-2012-2111)
2022-09-26 04:23:14
suse
suse
update for samba (important)
2012-05-04 15:08:17
Security update for Samba (important)
2012-05-01 00:08:25
Security update for Samba (important)
2012-05-07 17:08:21
freebsd
freebsd
samba -- incorrect permission checks vulnerability
2012-04-30 00:00:00
oraclelinux
oraclelinux
samba and samba3x security update
2012-04-30 00:00:00
debian
debian
[SECURITY] [DSA 2463-1] samba security update
2012-05-02 15:33:03
debiancve
debiancve
CVE-2012-2111
2012-04-30 14:55:00
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.5.15-alt1.M60P.1
2012-05-02 00:00:00
prion
prion
Design/Logic Flaw
2012-04-30 14:55:00
cve
cve
CVE-2012-2111
2012-04-30 14:55:00
centos
centos
libsmbclient, samba, samba3x security update
2012-04-30 22:24:11
ubuntucve
ubuntucve
CVE-2012-2111
2012-04-30 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

70.3%

JSON
Related for RHSA-2012:0533
openvas33nessus18securityvulns3fedora7ubuntu1osv1veracode1samba1ibm2suse4freebsd1oraclelinux1debian1debiancve1altlinux1prion1cve1centos1ubuntucve1gentoo1