Samba CVE-2012-2111 Remote Security Bypass Vulnerability
BID:53307
Info
Samba CVE-2012-2111 Remote Security Bypass Vulnerability
| Bugtraq ID: | 53307 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-2111 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 30 2012 12:00AM |
| Updated: | Apr 13 2015 08:39PM |
| Credit: | Ivano Cristofolini |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Server for VMware 11 SP2 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP2 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise Server 10 GPLv3 Extras SuSE SUSE Linux Enterprise SDK 11 SP2 SuSE SUSE Linux Enterprise SDK 11 SP1 SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 11 SP1 SuSE openSUSE 12.1 SuSE openSUSE 11.4 Samba Samba 3.6.4 Samba Samba 3.6.3 Samba Samba 3.6.2 Samba Samba 3.6.1 Samba Samba 3.6 Samba Samba 3.5.9 Samba Samba 3.5.9 Samba Samba 3.5.8 Samba Samba 3.5.2 Samba Samba 3.5.1 Samba Samba 3.5 Samba Samba 3.4.14 Samba Samba 3.4.13 Samba Samba 3.4.12 Samba Samba 3.4.11 Samba Samba 3.4.10 Samba Samba 3.4.8 Samba Samba 3.4.7 Samba Samba 3.4.6 Samba Samba 3.4.5 Samba Samba 3.4.2 Samba Samba 3.4.1 Samba Samba 3.4 Samba Samba 3.5.7 Samba Samba 3.5.6 Samba Samba 3.5.5 Samba Samba 3.5.4 Samba Samba 3.5.3 Samba Samba 3.5.14 Samba Samba 3.5.11 Samba Samba 3.5.10 Samba Samba 3.5 Samba Samba 3.4.9 Samba Samba 3.4.4 Samba Samba 3.4.3 Samba Samba 3.4.16 RedHat Enterprise Linux Desktop Workstation 5 client Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux 5 Server Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 IBM Scale Out Network Attached Storage 1.3.0.5 IBM Scale Out Network Attached Storage 1.3.0.4 HP HP-UX B.11.31 HP HP-UX B.11.23 Gentoo Linux Collax Collax Business Server 5.5 Avaya IP Office Application Server 8.1 |
| Not Vulnerable: |
Samba Samba 3.6.5 Samba Samba 3.5.15 Samba Samba 3.4.17 Collax Collax Business Server 5.5.2 |
Discussion
Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Samba is prone to a security-bypass vulnerability.
Successfully exploiting this issue may allow an attacker to modify privileges on a file server and perform unauthorized actions.
Versions prior to Samba 3.6.5, 3.5.15 and 3.4.17 are vulnerable.
Samba is prone to a security-bypass vulnerability.
Successfully exploiting this issue may allow an attacker to modify privileges on a file server and perform unauthorized actions.
Versions prior to Samba 3.6.5, 3.5.15 and 3.4.17 are vulnerable.
Exploit / POC
Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2010.1 x86_64
-
Mandriva lib64netapi-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64netapi0-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-static-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbsharemodes-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbsharemodes0-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wbclient-devel-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mount-cifs-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva nss_wins-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-client-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-common-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-doc-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-domainjoin-gui-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-server-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-swat-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-winbind-3.5.3-3.6mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2010.1
-
Mandriva libnetapi-devel-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libnetapi0-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-devel-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-static-devel-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbsharemodes-devel-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbsharemodes0-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwbclient-devel-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwbclient0-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mount-cifs-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva nss_wins-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-client-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-common-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-doc-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-domainjoin-gui-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-server-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-swat-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-winbind-3.5.3-3.6mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2011 x86_64
-
Mandriva lib64netapi-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64netapi0-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbclient0-static-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbsharemodes-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64smbsharemodes0-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wbclient-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mount-cifs-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva nss_wins-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-client-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-common-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-server-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-swat-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-winbind-3.5.10-1.3-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2011
-
Mandriva libnetapi-devel-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libnetapi0-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-devel-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbclient0-static-devel-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbsharemodes-devel-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsmbsharemodes0-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwbclient-devel-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwbclient0-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mount-cifs-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva nss_wins-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-client-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-common-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-server-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-swat-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva samba-winbind-3.5.10-1.3-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/