Mandriva Update For Samba MDVSA-2012:067 (samba) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority (LSA) remote proceedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database (CVE-2012-2111). The updated packages have been patched to correct this issue.

Affected

samba on Mandriva Linux 2011.0, Mandriva Linux 2010.1

Severity

Classification

CVE CVE-2012-2111
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:004 (pam_mount)
Mandrake Security Advisory MDVSA-2009:079 (postgresql)
Mandrake Security Advisory MDVSA-2009:211 (expat)
Mandrake Security Advisory MDVSA-2009:123 (opensc)
Mandrake Security Advisory MDVSA-2009:200 (libxml)

Mandriva Update for samba MDVSA-2012:067 (samba)

Take action and discover your vulnerabilities