← voltar
CVE-2012-2111

CVE-2012-2111

EPSS 4.8%
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.htmlhttp://marc.info/?l=bugtraq&m=134323086902585&w=2http://osvdb.org/81648http://rhn.redhat.com/errata/RHSA-2012-0533.htmlhttp://secunia.com/advisories/48976http://secunia.com/advisories/48984http://secunia.com/advisories/48996