Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:10707
HistoryJan 15, 2019 - 8:51 a.m.

Authorization Bypass

2019-01-1508:51:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

JSON

samba is vulnerable to authorization bypass attacks. The vulnerabiltiy exists as the (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the “take ownership” privilege via an LSA connection.

References

Related

nessus 18
osv 1
openvas 37
samba 1
fedora 7
securityvulns 3
ubuntu 1
suse 4
redhat 1
ibm 2
freebsd 1
prion 1
altlinux 1
ubuntucve 1
cve 1
centos 1
oraclelinux 1
debian 1
debiancve 1
gentoo 1
nessus
nessus
Mandriva Linux Security Advisory : samba (MDVSA-2012:067)
2012-05-01 00:00:00
Debian DSA-2463-1 : samba - missing permission checks
2012-05-03 00:00:00
Fedora 16 : samba-3.6.5-85.fc16 (2012-7006)
2012-05-04 00:00:00
osv
osv
samba - missing permission checks
2012-05-02 00:00:00
openvas
openvas
Fedora Update for evolution-mapi FEDORA-2012-7317
2012-08-30 00:00:00
Ubuntu Update for samba USN-1434-1
2012-05-04 00:00:00
RedHat Update for samba and samba3x RHSA-2012:0533-01
2012-05-04 00:00:00
samba
samba
Incorrect permission checks when granting/removing
2012-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: samba-3.6.5-85.fc17.1
2012-05-02 20:57:30
[SECURITY] Fedora 17 Update: openchange-1.0-6.fc17
2012-05-08 04:16:26
[SECURITY] Fedora 17 Update: samba4-4.0.0-47alpha18.fc17
2012-05-08 04:16:26
securityvulns
securityvulns
Samba privilege escalation
2012-05-10 00:00:00
[ MDVSA-2012:067 ] samba
2012-05-10 00:00:00
HP System Management Homepage multiple security vulnerabilities
2013-07-19 00:00:00
ubuntu
ubuntu
Samba vulnerability
2012-05-01 00:00:00
suse
suse
update for samba (important)
2012-05-04 15:08:17
Security update for Samba (important)
2012-05-01 00:08:25
Security update for Samba (important)
2012-05-07 17:08:21
redhat
redhat
(RHSA-2012:0533) Important: samba and samba3x security update
2012-04-30 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified Fix Available for Incorrect Permission Checks when Granting/Removing Privilege (CVE-2012-2111)
2022-09-26 04:23:14
Security Bulletin: SONAS Fix Available for Incorrect Permission Checks when Granting/Removing Privilege (CVE-2012-2111)
2022-09-26 04:23:14
freebsd
freebsd
samba -- incorrect permission checks vulnerability
2012-04-30 00:00:00
prion
prion
Design/Logic Flaw
2012-04-30 14:55:00
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.5.15-alt1.M60P.1
2012-05-02 00:00:00
ubuntucve
ubuntucve
CVE-2012-2111
2012-04-30 00:00:00
cve
cve
CVE-2012-2111
2012-04-30 14:55:00
centos
centos
libsmbclient, samba, samba3x security update
2012-04-30 22:24:11
oraclelinux
oraclelinux
samba and samba3x security update
2012-04-30 00:00:00
debian
debian
[SECURITY] [DSA 2463-1] samba security update
2012-05-02 15:33:03
debiancve
debiancve
CVE-2012-2111
2012-04-30 14:55:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

JSON
Related for VERACODE:10707
nessus18osv1openvas37samba1fedora7securityvulns3ubuntu1suse4redhat1ibm2freebsd1prion1altlinux1ubuntucve1cve1centos1oraclelinux1debian1debiancve1gentoo1