CVE-2012-2111

Published: 30/04/2012 Updated: 05/01/2018
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x prior to 3.4.17, 3.5.x prior to 3.5.15, and 3.6.x prior to 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.

Vulnerable Product

samba samba 3.4.4

samba samba 3.4.5

samba samba 3.4.12

samba samba 3.4.13

samba samba 3.4.1

samba samba 3.4.2

samba samba 3.4.3

samba samba 3.4.10

samba samba 3.4.11

samba samba 3.4.0

samba samba 3.4.8

samba samba 3.4.9

samba samba 3.4.16

samba samba 3.4.6

samba samba 3.4.7

samba samba 3.4.14

samba samba 3.4.15

samba samba 3.5.2

samba samba 3.5.3

samba samba 3.5.11

samba samba 3.5.12

samba samba 3.5.0

samba samba 3.5.1

samba samba 3.5.8

samba samba 3.5.9

samba samba 3.5.10

samba samba 3.5.6

samba samba 3.5.7

samba samba 3.5.4

samba samba 3.5.5

samba samba 3.5.13

samba samba 3.5.14

samba samba 3.6.1

samba samba 3.6.0

samba samba 3.6.4

samba samba 3.6.2

samba samba 3.6.3

Vendor Advisories

Synopsis: Important: samba and samba3x security update. Type/Severity: Security Advisory: Important. Topic: Updated samba3x and samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having important ...
Samba could allow a user to gain administrative privileges to the Samba server ...
Ivano Cristofolini discovered that insufficient security checks in Samba's handling of LSA RPC calls could lead to privilege escalation by gaining the take ownership privilege. For the stable distribution (squeeze), this problem has been fixed in version 356~dfsg-3squeeze8. For the unstable distribution (sid), this problem has been fixed in versi ...