U radu programskog paketa Samba uočen je i ispravljen sigurnosni propust. Udaljeni napadač ga može iskoristiti za pokretanje proizvoljnog programskog koda.
| Paket: | Samba 3.x |
| Operacijski sustavi: | Mandriva Linux 2010.1, Mandriva Linux 2011, Mandriva Linux Enterprise Server 5.0 |
| Kritičnost: | 8.7 |
| Problem: | pogreška u programskoj komponenti |
| Iskorištavanje: | udaljeno |
| Posljedica: | proizvoljno izvršavanje programskog koda |
| Rješenje: | programska zakrpa proizvođača |
| CVE: | CVE-2012-1182 |
| Izvorni ID preporuke: | MDVSA-2012:055 |
| Izvor: | Mandriva |
| Problem: | |
| Propust je posljedica nepravilnosti u generatoru RPC koda. |
|
| Posljedica: | |
| Ranjivost napadaču omogućava pokretanje proizvoljnog programskog koda putem posebno oblikovanog RPC poziva. |
|
| Rješenje: | |
| Korisnicima se savjetuje instalacija ispravljenih inačica paketa. |
|
Izvorni tekst preporuke
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:055
http://www.mandriva.com/security/
_______________________________________________________________________
Package : samba
Date : April 11, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in samba:
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before
3.5.14, and 3.6.x before 3.6.4 does not implement validation of an
array length in a manner consistent with validation of array memory
allocation, which allows remote attackers to execute arbitrary code
via a crafted RPC call (CVE-2012-1182).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
618a07a3b2880bcf1855d782d93f3007
2010.1/i586/libnetapi0-3.5.3-3.5mdv2010.2.i586.rpm
84793723c7a0b711ccf0054fda0a52da
2010.1/i586/libnetapi-devel-3.5.3-3.5mdv2010.2.i586.rpm
88cd11fac84aa9aa8405cbce6dd835bc
2010.1/i586/libsmbclient0-3.5.3-3.5mdv2010.2.i586.rpm
0836753a45ddb9760e27ee422cde449b
2010.1/i586/libsmbclient0-devel-3.5.3-3.5mdv2010.2.i586.rpm
141a9d5388457f80d6fc519d20180bc4
2010.1/i586/libsmbclient0-static-devel-3.5.3-3.5mdv2010.2.i586.rpm
1c10c6e959094d33f19b8279818361b6
2010.1/i586/libsmbsharemodes0-3.5.3-3.5mdv2010.2.i586.rpm
8c2ea1ca2e5ff06174579a95707fa7ff
2010.1/i586/libsmbsharemodes-devel-3.5.3-3.5mdv2010.2.i586.rpm
3f3a4c2575aa4b025608ca0a1b2e81ad
2010.1/i586/libwbclient0-3.5.3-3.5mdv2010.2.i586.rpm
11c5a7f84f6b60f4ba5c96feb6a182ff
2010.1/i586/libwbclient-devel-3.5.3-3.5mdv2010.2.i586.rpm
17eaac9a0b671be1303667e1127c7943
2010.1/i586/mount-cifs-3.5.3-3.5mdv2010.2.i586.rpm
9cf5a0b8975f3de3f7446263e60dbf90
2010.1/i586/nss_wins-3.5.3-3.5mdv2010.2.i586.rpm
934caa56ec7a351ccca4ff02ffb4c541
2010.1/i586/samba-client-3.5.3-3.5mdv2010.2.i586.rpm
6096e9066577d6fa93381276d8daa3bb
2010.1/i586/samba-common-3.5.3-3.5mdv2010.2.i586.rpm
e55c85a899f3546272f184fe69810139
2010.1/i586/samba-doc-3.5.3-3.5mdv2010.2.i586.rpm
26362e3a7e1b3472ef2ccdd52284b0d4
2010.1/i586/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.i586.rpm
70eab496328572818809b15f080cf099
2010.1/i586/samba-server-3.5.3-3.5mdv2010.2.i586.rpm
6952e5097b510af3329c6f5d78f8cbe9
2010.1/i586/samba-swat-3.5.3-3.5mdv2010.2.i586.rpm
915ae724c3de06331cfd04fb0bd69265
2010.1/i586/samba-winbind-3.5.3-3.5mdv2010.2.i586.rpm
4c72879b63802de52b63ed7b83d4a918
2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
ace2c0860c17914d21dbe617fa87e0e7
2010.1/x86_64/lib64netapi0-3.5.3-3.5mdv2010.2.x86_64.rpm
74763ba858d48c7c448defa8b2ffd556
2010.1/x86_64/lib64netapi-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
50ce33ea687930e080072efdfbfc004b
2010.1/x86_64/lib64smbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
f7f790f0205aecfa5b9914a6d9f6c52b
2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
6d3a02bef858a12ee0934dce09e88be4
2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
34853bcef699f85747d96d07c200555f
2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.5mdv2010.2.x86_64.rpm
a6ec714a27184155cef1da72859119e5
2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
295583bae32ab52bd25bc5b121e875ab
2010.1/x86_64/lib64wbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
9d33640b2e23f9f26833d37f472c7c29
2010.1/x86_64/lib64wbclient-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
60676ae71f3ade9516a539f03354cf8d
2010.1/x86_64/mount-cifs-3.5.3-3.5mdv2010.2.x86_64.rpm
a8ac8164580908142c1ffa71285d7f46
2010.1/x86_64/nss_wins-3.5.3-3.5mdv2010.2.x86_64.rpm
fcb05e26eaf45d2b588580182ffdd0b0
2010.1/x86_64/samba-client-3.5.3-3.5mdv2010.2.x86_64.rpm
18456d389b3c2c0c109e31f80067f41c
2010.1/x86_64/samba-common-3.5.3-3.5mdv2010.2.x86_64.rpm
8622946366a3a05229555e9de579d85f
2010.1/x86_64/samba-doc-3.5.3-3.5mdv2010.2.x86_64.rpm
c4cdca61a5648a017f911fec5bb38e17
2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.x86_64.rpm
3f8ec5ea217e2da57fe2496a790cf613
2010.1/x86_64/samba-server-3.5.3-3.5mdv2010.2.x86_64.rpm
ed0292f244641a730a30c6b5adfce0cb
2010.1/x86_64/samba-swat-3.5.3-3.5mdv2010.2.x86_64.rpm
da63310faa0984097e4db35aafdb6af1
2010.1/x86_64/samba-winbind-3.5.3-3.5mdv2010.2.x86_64.rpm
4c72879b63802de52b63ed7b83d4a918
2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm
Mandriva Linux 2011:
2ece08d6baf00f820370996304a7f464
2011/i586/libnetapi0-3.5.10-1.2-mdv2011.0.i586.rpm
391e0e83b2156f92bf06057ab44336e6
2011/i586/libnetapi-devel-3.5.10-1.2-mdv2011.0.i586.rpm
e6db8597c80e0f52fd8571ae20a2a07c
2011/i586/libsmbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
550c87c7ab33576ffd4dab2ba0c6d57b
2011/i586/libsmbclient0-devel-3.5.10-1.2-mdv2011.0.i586.rpm
50004feba2de339c2c0d5a53a3b9a25f
2011/i586/libsmbclient0-static-devel-3.5.10-1.2-mdv2011.0.i586.rpm
0d73a396ea85b9efe9eb9103a4a506a3
2011/i586/libsmbsharemodes0-3.5.10-1.2-mdv2011.0.i586.rpm
b2fc366a39db8452d49b29aa87c0c3b1
2011/i586/libsmbsharemodes-devel-3.5.10-1.2-mdv2011.0.i586.rpm
4758e5dd9bcdc9a691cb9ffb11cbcc37
2011/i586/libwbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
597f5729e0a9720bbdea9a78784bd9d9
2011/i586/libwbclient-devel-3.5.10-1.2-mdv2011.0.i586.rpm
79a52dd2215429b2a09253de672eb272
2011/i586/mount-cifs-3.5.10-1.2-mdv2011.0.i586.rpm
caa88a84173b74f2382fed9816b67ad3
2011/i586/nss_wins-3.5.10-1.2-mdv2011.0.i586.rpm
adcb26cca8e20413971f83858e613ca8
2011/i586/samba-client-3.5.10-1.2-mdv2011.0.i586.rpm
e23764ffc762ca871bb314906989e656
2011/i586/samba-common-3.5.10-1.2-mdv2011.0.i586.rpm
8c6077e30c837078cdd2accaf5f0b80b
2011/i586/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
bba48e5ecc36ddce12571d081c75b96a
2011/i586/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.i586.rpm
0ae58d4eab55baf06aab27ed1dacf8b5
2011/i586/samba-server-3.5.10-1.2-mdv2011.0.i586.rpm
e4aeea5e4368292c8dd242829ea9cfd6
2011/i586/samba-swat-3.5.10-1.2-mdv2011.0.i586.rpm
4d4eb5129e72ddbdf7e695c5d4023d14
2011/i586/samba-winbind-3.5.10-1.2-mdv2011.0.i586.rpm
43d6e58b17cf2f9c6eddc2c5162042ae 2011/SRPMS/samba-3.5.10-1.2.src.rpm
Mandriva Linux 2011/X86_64:
8e8379f1c13346f05b73dda02f1dd8d4
2011/x86_64/lib64netapi0-3.5.10-1.2-mdv2011.0.x86_64.rpm
58293f1655f7aa5fa263b949c2e19c45
2011/x86_64/lib64netapi-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
b6a4602bbbd5aec74ec7d9186056b2e2
2011/x86_64/lib64smbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
d8d2b44cdec07717a8b69a9d25cf34a4
2011/x86_64/lib64smbclient0-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
a94819d1a6a845d88d227e8049fe68ff
2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
f0a0f8cd3949b4867d3c76c618a5fb11
2011/x86_64/lib64smbsharemodes0-3.5.10-1.2-mdv2011.0.x86_64.rpm
b32422d1dfd65572ebed6dc66ac7209d
2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
910b81c895ff651eeca1f78443c1ec17
2011/x86_64/lib64wbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
a76a2ed3a3d013d096d42621dcf2daaa
2011/x86_64/lib64wbclient-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
c64d43b8616c133d5a6acbec19decad2
2011/x86_64/mount-cifs-3.5.10-1.2-mdv2011.0.x86_64.rpm
af87db22f74156d2daa4bf2d8cafaaaa
2011/x86_64/nss_wins-3.5.10-1.2-mdv2011.0.x86_64.rpm
a9df74cc2e94bc26c335cca2c128b674
2011/x86_64/samba-client-3.5.10-1.2-mdv2011.0.x86_64.rpm
d723b14c7f44582905cf5f061f98e959
2011/x86_64/samba-common-3.5.10-1.2-mdv2011.0.x86_64.rpm
6b4c30fe785206e3d492ba14a321bdf5
2011/x86_64/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
1c96c6dace7d31700f90880589ee26d3
2011/x86_64/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.x86_64.rpm
b9de9445a2b129b1ab8e8da10f0d3d19
2011/x86_64/samba-server-3.5.10-1.2-mdv2011.0.x86_64.rpm
44edbe0f928a3a0cfdb3e90b1cbfece8
2011/x86_64/samba-swat-3.5.10-1.2-mdv2011.0.x86_64.rpm
6a2e42f81bc0d0c3554d601981f874a2
2011/x86_64/samba-winbind-3.5.10-1.2-mdv2011.0.x86_64.rpm
43d6e58b17cf2f9c6eddc2c5162042ae 2011/SRPMS/samba-3.5.10-1.2.src.rpm
Mandriva Enterprise Server 5:
7a1d4e2588013fae490cba76c2bd2234
mes5/i586/libnetapi0-3.3.12-0.9mdvmes5.2.i586.rpm
ad114d018b79cafebb33d0afd53097fc
mes5/i586/libnetapi-devel-3.3.12-0.9mdvmes5.2.i586.rpm
2d33714f2a135a597ed3f5256472a95d
mes5/i586/libsmbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
eda2371679144117ea1e77277f12c37d
mes5/i586/libsmbclient0-devel-3.3.12-0.9mdvmes5.2.i586.rpm
53ab484f0c8891e700ea10f09fdedae0
mes5/i586/libsmbclient0-static-devel-3.3.12-0.9mdvmes5.2.i586.rpm
d2c8ecd7fb50314aa6929dc358dee526
mes5/i586/libsmbsharemodes0-3.3.12-0.9mdvmes5.2.i586.rpm
feda8de36a0ed4111c5c41aa47f95fc6
mes5/i586/libsmbsharemodes-devel-3.3.12-0.9mdvmes5.2.i586.rpm
1414741281e22ca6dfdb12af8459c63d
mes5/i586/libtalloc1-3.3.12-0.9mdvmes5.2.i586.rpm
6e17ce41a00989e07280fbdd96088cdf
mes5/i586/libtalloc-devel-3.3.12-0.9mdvmes5.2.i586.rpm
d6c1fdb5e1c573116d4b3a33b3aeb320
mes5/i586/libtdb1-3.3.12-0.9mdvmes5.2.i586.rpm
cb44eb86989bae64095541066f06f35c
mes5/i586/libtdb-devel-3.3.12-0.9mdvmes5.2.i586.rpm
ec4532f047b2da1394bd802eb67e60f9
mes5/i586/libwbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
9666097df96e9195455a2147908b7043
mes5/i586/libwbclient-devel-3.3.12-0.9mdvmes5.2.i586.rpm
c6b8f6647f919ab2cbbe81e0de74a401
mes5/i586/mount-cifs-3.3.12-0.9mdvmes5.2.i586.rpm
0e05dd31949540545a9864c4b282588e
mes5/i586/nss_wins-3.3.12-0.9mdvmes5.2.i586.rpm
f0d5bb15fed6a4056175f419fb50e47e
mes5/i586/samba-client-3.3.12-0.9mdvmes5.2.i586.rpm
20c4cdec0b728d6bd975684e6b8a9efc
mes5/i586/samba-common-3.3.12-0.9mdvmes5.2.i586.rpm
dd8c337420a8f98b769b47a696d5923b
mes5/i586/samba-doc-3.3.12-0.9mdvmes5.2.i586.rpm
efba0f8100a63041d8d16608314f5439
mes5/i586/samba-server-3.3.12-0.9mdvmes5.2.i586.rpm
b68b108b9637c9fb4d8b5e3030b539a7
mes5/i586/samba-swat-3.3.12-0.9mdvmes5.2.i586.rpm
0ea3f96b495075f00be667c7f659e674
mes5/i586/samba-winbind-3.3.12-0.9mdvmes5.2.i586.rpm
24d8a954cf8f2b5a7a034338b106791c mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
545843ddaef8e31902a63d24ea1806f4
mes5/x86_64/lib64netapi0-3.3.12-0.9mdvmes5.2.x86_64.rpm
b50e3c389f3bc667a0a3a68dfec90761
mes5/x86_64/lib64netapi-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
2f2e273e4351768b6441301b31f4920d
mes5/x86_64/lib64smbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
408b325ffcdd165f18f856ec3982a74a
mes5/x86_64/lib64smbclient0-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
992e8d328b483a2d0bb1cb347fdcd889
mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
122979a46ebbabf10f8e982829f56004
mes5/x86_64/lib64smbsharemodes0-3.3.12-0.9mdvmes5.2.x86_64.rpm
8ac2e7f26ef202f44b4bc5f88fa033a2
mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
08c109c58ece0602a7a860a71496cb98
mes5/x86_64/lib64talloc1-3.3.12-0.9mdvmes5.2.x86_64.rpm
d4941beba2ec0143de0fcc5ff9e446e4
mes5/x86_64/lib64talloc-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
c489b3efc90813ef3f94345791359a02
mes5/x86_64/lib64tdb1-3.3.12-0.9mdvmes5.2.x86_64.rpm
94d9ad3a330aff051fb4ed478348818b
mes5/x86_64/lib64tdb-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
66187cc6e379dccd47d4664e4b51f745
mes5/x86_64/lib64wbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
7ccdbd98aa4388c207cc694f629f1a8b
mes5/x86_64/lib64wbclient-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
46c2e7cffbd2b16fa6fe4cb80b8ae217
mes5/x86_64/mount-cifs-3.3.12-0.9mdvmes5.2.x86_64.rpm
e93fb62b5d2669e00a5e8537d9538d03
mes5/x86_64/nss_wins-3.3.12-0.9mdvmes5.2.x86_64.rpm
aec52d59f0949e615de84f89b716c740
mes5/x86_64/samba-client-3.3.12-0.9mdvmes5.2.x86_64.rpm
74ca1045837e067fc16b35f5a9c8a959
mes5/x86_64/samba-common-3.3.12-0.9mdvmes5.2.x86_64.rpm
b424fdd77ed7e79cc27262008efddc50
mes5/x86_64/samba-doc-3.3.12-0.9mdvmes5.2.x86_64.rpm
711e19975e821852033e9badead55a9d
mes5/x86_64/samba-server-3.3.12-0.9mdvmes5.2.x86_64.rpm
ce12e60f6e6950c919b3da333b3a2e07
mes5/x86_64/samba-swat-3.3.12-0.9mdvmes5.2.x86_64.rpm
88406e56abedc8fd56da938f9a116304
mes5/x86_64/samba-winbind-3.3.12-0.9mdvmes5.2.x86_64.rpm
24d8a954cf8f2b5a7a034338b106791c mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFPhUl5mqjQ0CJFipgRAqwGAJ9WQalWqP6WzJFo7dRcgPySLjvhAgCeNuAz
3ifKrik8iH0LOdU2Q4hDsj4=
=S1NU
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke