Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 414319 (CVE-2012-2111) - <net-fs/samba-3.5.15: Privilege bypass allows remote authenticated users to obtain the "take ownership" (CVE-2012-2111)
Summary: <net-fs/samba-3.5.15: Privilege bypass allows remote authenticated users to o...
Status: RESOLVED FIXED
Alias: CVE-2012-2111
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard: B4 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-02 01:20 UTC by GLSAMaker/CVETool Bot
Modified: 2012-06-24 13:05 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2012-05-02 01:20:53 UTC
CVE-2012-2111 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2111):
  The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4)
  RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17,
  3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict
  modifications to the privileges database, which allows remote authenticated
  users to obtain the "take ownership" privilege via an LSA connection.
Comment 1 Patrick Lauer gentoo-dev 2012-05-02 03:27:45 UTC
+  02 May 2012; Patrick Lauer <patrick@gentoo.org> +samba-3.5.15.ebuild,
+  +samba-3.6.5.ebuild:
+  Bump for #414319

There's your ebuilds, 3.5.15 needs to be stabled now.
Comment 2 Patrick Lauer gentoo-dev 2012-05-02 03:33:01 UTC
Arch teams: please stabilize =net-fs/samba-3.5.15 

target keywords: "alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
Comment 3 Jeff (JD) Horelick (RETIRED) gentoo-dev 2012-05-02 05:08:11 UTC
x86 stable
Comment 4 Maurizio Camisaschi (amd64 AT) 2012-05-02 12:50:45 UTC
amd64 ok
Comment 5 Agostino Sarubbo gentoo-dev 2012-05-02 17:21:15 UTC
amd64 stable
Comment 6 Jeroen Roovers gentoo-dev 2012-05-04 15:07:07 UTC
Stable for HPPA.
Comment 7 Markus Meier gentoo-dev 2012-05-05 09:16:34 UTC
arm stable
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2012-05-05 17:36:54 UTC
alpha/ia64/s390/sh/sparc stable
Comment 9 Brent Baude (RETIRED) gentoo-dev 2012-05-10 19:33:49 UTC
ppc64 done
Comment 10 Brent Baude (RETIRED) gentoo-dev 2012-05-21 19:04:13 UTC
ppc done
Comment 11 Sean Amoss gentoo-dev Security 2012-05-22 20:10:23 UTC
Thanks, everyone. 

GLSA vote: yes.
Comment 12 Tim Sammut (RETIRED) gentoo-dev 2012-05-23 02:54:41 UTC
GLSA Vote: yes. Added to existing GLSA draft.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2012-06-24 13:05:49 UTC
This issue was resolved and addressed in
 GLSA 201206-22 at http://security.gentoo.org/glsa/glsa-201206-22.xml
by GLSA coordinator Sean Amoss (ackle).