Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2012:0515-1)
Zusammenfassung:The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2012:0515-1 advisory.
The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2012:0515-1 advisory.

Vulnerability Insight:
The following issues have been fixed in Samba:

* CVE-2012-1182: PIDL based autogenerated code uses client supplied size values which allows attackers to write beyond the allocated array size
* CVE-2012-0870: Ensure AndX offsets are increasing strictly monotonically in pre-3.4 versions
* CVE-2012-0817: Fix memory leak in parent smbd on connection

Also the following non-security bugs have been fixed:

* s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys, (bso#8599).
* Correctly handle DENY ACEs when privileges apply,
* s3:smb2_server: fix a logic error, we should sign non guest sessions, (bso8749).
* Allow vfs_aio_pthread to build as a static module,
* s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for persistent dbs, (#bso8527).
* s3: segfault in dom_sid_compare(bso#8567).
* Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER, (bso#8768).
* s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is timeout in the pam_auth_crap path, (bso#8771).
* s3-winbindd: set the can_do_validation6 also for trusted domain, (bso#8599).
* Fix problem when calculating the share security mask,
take priviliges into account for the connecting user,
* Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups, (bso#8807), (bnc#751454).
* s3-printing: fix crash in printer_list_set_printer(),
(bso#8762), (bnc#746825).
* s3:winbindd fix a return code check, (bso#8406).
* s3: Add rmdir operation to streams_depot, (bso#8733).
* s3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used(), (bso#8738).
* s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3(), (bso#8739).
* Do not map POSIX execute permission to Windows FILE_READ_ATTRIBUTES, (bso#8631), (bnc#732572).
* Remove all precompiled idl output to ensure any pidl changes take effect, (bnc#757080).

Affected Software/OS:
'Samba' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP2, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Desktop 11 SP2

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-0817
SuSE Security Announcement: SUSE-SU-2012:0502 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0515 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2012-0870
SuSE Security Announcement: SUSE-SU-2012:0337 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0338 (Google Search)
XForce ISS Database: blackberry-playbook-samba-code-execution(73361)
Common Vulnerability Exposure (CVE) ID: CVE-2012-1182
Debian Security Information: DSA-2450 (Google Search)
HPdes Security Advisory: HPSBMU02790
HPdes Security Advisory: HPSBUX02789
HPdes Security Advisory: SSRT100824
HPdes Security Advisory: SSRT100872
SuSE Security Announcement: SUSE-SU-2012:0501 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0504 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 97459 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.