U radu programskog paketa Samba uočena je i ispravljena nova sigurnosna ranjivost. Udaljeni je napadač navedenu ranjivost mogao iskoristiti za preuzimanje kontrole nad sustavom.
Paket:
Samba 3.x
Operacijski sustavi:
SUSE Linux Enterprise Server (SLES) 10
Kritičnost:
6.5
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
preuzimanje potpune kontrole nad sustavom
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2012-2111
Izvorni ID preporuke:
SUSE-SU-2012:0591-1
Izvor:
SUSE
Problem:
Sigurnosna ranjivost se javlja zbog pogrešne implementacije nekih LSA RPC procedura u komponenti "smbd".
Posljedica:
Udaljeni napadač spomenuti propust može iskoristiti za preuzimanje potpune kontrole nad sustavom.
Rješenje:
Svim se korisnicima navedenog programskog paketa, u svrhu zaštite sigurnosti, savjetuje njegova nadogradnja na novije inačice.
SUSE Security Update: Security update for Samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0591-1
Rating: important
References: #757080 #757576
Cross-References: CVE-2012-2111
Affected Products:
SUSE Linux Enterprise Server 10 GPLv3 Extras
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update of Samba fixes the following security issue:
* CVE-2012-2111: Ensure that users cannot hand out
their own privileges to everyone, only administrators are
allowed to do that.
Security Issue reference:
* CVE-2012-2111
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
>
Package List:
- SUSE Linux Enterprise Server 10 GPLv3 Extras (i586 ia64 ppc s390x x86_64):
libnetapi-devel-3.4.3-0.43.1
libnetapi0-3.4.3-0.43.1
libtalloc-devel-3.4.3-0.43.1
libtalloc1-3.4.3-0.43.1
libtdb-devel-3.4.3-0.43.1
libtdb1-3.4.3-0.43.1
libwbclient-devel-3.4.3-0.43.1
libwbclient0-3.4.3-0.43.1
samba-gplv3-3.4.3-0.43.1
samba-gplv3-client-3.4.3-0.43.1
samba-gplv3-krb-printing-3.4.3-0.43.1
samba-gplv3-winbind-3.4.3-0.43.1
- SUSE Linux Enterprise Server 10 GPLv3 Extras (noarch):
samba-gplv3-doc-3.4.3-0.43.1
References:
http://support.novell.com/security/cve/CVE-2012-2111.html
https://bugzilla.novell.com/757080
https://bugzilla.novell.com/757576
http://download.novell.com/patch/finder/?keywords=ef33002197942af3c4259067710592e2
--
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
Posljednje sigurnosne preporuke