Mandrake Local Security Checks : Mandriva Update for samba MDVSA-2012:067 (samba)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831570

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for samba MDVSA-2012:067 (samba)

Resumen: The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'samba'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been found and corrected in samba:

Security checks were incorrectly applied to the Local Security
Authority (LSA) remote procedure calls (RPC) CreateAccount,
OpenAccount, AddAccountRights and RemoveAccountRights allowing any
authenticated user to modify the privileges database (CVE-2012-2111).

The updated packages have been patched to correct this issue.

Affected Software/OS:
samba on Mandriva Linux 2011.0,
Mandriva Linux 2010.1

Solution:
Please Install the Updated Packages.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2111
1026988
http://www.securitytracker.com/id?1026988
48976
http://secunia.com/advisories/48976
48984
http://secunia.com/advisories/48984
48996
http://secunia.com/advisories/48996
48999
http://secunia.com/advisories/48999
49017
http://secunia.com/advisories/49017
49030
http://secunia.com/advisories/49030
81648
http://osvdb.org/81648
DSA-2463
http://www.debian.org/security/2012/dsa-2463
FEDORA-2012-6981
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html
FEDORA-2012-6999
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html
FEDORA-2012-7006
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html
HPSBUX02789
http://marc.info/?l=bugtraq&m=134323086902585&w=2
MDVSA-2012:067
http://www.mandriva.com/security/advisories?name=MDVSA-2012:067
RHSA-2012:0533
http://rhn.redhat.com/errata/RHSA-2012-0533.html
SSRT100824
SUSE-SU-2012:0573
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html
SUSE-SU-2012:0591
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html
USN-1434-1
http://www.ubuntu.com/usn/USN-1434-1
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
http://www.samba.org/samba/security/CVE-2012-2111
openSUSE-SU-2012:0583
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831570
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for samba MDVSA-2012:067 (samba)
Resumen:	The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority (LSA) remote procedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database (CVE-2012-2111). The updated packages have been patched to correct this issue. Affected Software/OS: samba on Mandriva Linux 2011.0, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2111 1026988 http://www.securitytracker.com/id?1026988 48976 http://secunia.com/advisories/48976 48984 http://secunia.com/advisories/48984 48996 http://secunia.com/advisories/48996 48999 http://secunia.com/advisories/48999 49017 http://secunia.com/advisories/49017 49030 http://secunia.com/advisories/49030 81648 http://osvdb.org/81648 DSA-2463 http://www.debian.org/security/2012/dsa-2463 FEDORA-2012-6981 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html FEDORA-2012-6999 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html FEDORA-2012-7006 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html HPSBUX02789 http://marc.info/?l=bugtraq&m=134323086902585&w=2 MDVSA-2012:067 http://www.mandriva.com/security/advisories?name=MDVSA-2012:067 RHSA-2012:0533 http://rhn.redhat.com/errata/RHSA-2012-0533.html SSRT100824 SUSE-SU-2012:0573 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html SUSE-SU-2012:0591 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html USN-1434-1 http://www.ubuntu.com/usn/USN-1434-1 http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578 http://www.samba.org/samba/security/CVE-2012-2111 openSUSE-SU-2012:0583 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html
Copyright	Copyright (C) 2012 Greenbone AG