#VU32799 Permissions, Privileges, and Access Controls in Samba - CVE-2012-2111

Description

The vulnerability allows a remote #AU# to read and manipulate data.

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.

Remediation

External links

• http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html
• http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html
• http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html
• http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html
• http://marc.info/?l=bugtraq&m=134323086902585&w=2
• http://osvdb.org/81648
• http://rhn.redhat.com/errata/RHSA-2012-0533.html
• http://secunia.com/advisories/48976
• http://secunia.com/advisories/48984
• http://secunia.com/advisories/48996
• http://secunia.com/advisories/48999
• http://secunia.com/advisories/49017
• http://secunia.com/advisories/49030
• http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
• http://www.debian.org/security/2012/dsa-2463
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:067
• http://www.samba.org/samba/security/CVE-2012-2111
• http://www.securitytracker.com/id?1026988
• http://www.ubuntu.com/usn/USN-1434-1