Mandriva Update For Samba MDVSA-2012:067 (samba) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority (LSA) remote proceedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database (CVE-2012-2111). The updated packages have been patched to correct this issue.

Affected

samba on Mandriva Linux 2011.0, Mandriva Linux 2010.1

Severity

Classification

CVE CVE-2012-2111

CVSS	Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:208 (libgadu)
Mandrake Security Advisory MDVSA-2009:032 (kernel)
Mandrake Security Advisory MDVSA-2009:167 (php)
Mandrake Security Advisory MDVSA-2009:043 (gnumeric)
Mandrake Security Advisory MDVSA-2009:053 (squirrelmail)

Mandriva Update for samba MDVSA-2012:067 (samba)

Take action and discover your vulnerabilities