First published: Mon Apr 30 2012
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Samba | =3.4.0 | |
Samba | =3.4.1 | |
Samba | =3.4.2 | |
Samba | =3.4.3 | |
Samba | =3.4.4 | |
Samba | =3.4.5 | |
Samba | =3.4.6 | |
Samba | =3.4.7 | |
Samba | =3.4.8 | |
Samba | =3.4.9 | |
Samba | =3.4.10 | |
Samba | =3.4.11 | |
Samba | =3.4.12 | |
Samba | =3.4.13 | |
Samba | =3.4.14 | |
Samba | =3.4.15 | |
Samba | =3.4.16 | |
Samba | =3.5.0 | |
Samba | =3.5.1 | |
Samba | =3.5.2 | |
Samba | =3.5.3 | |
Samba | =3.5.4 | |
Samba | =3.5.5 | |
Samba | =3.5.6 | |
Samba | =3.5.7 | |
Samba | =3.5.8 | |
Samba | =3.5.9 | |
Samba | =3.5.10 | |
Samba | =3.5.11 | |
Samba | =3.5.12 | |
Samba | =3.5.13 | |
Samba | =3.5.14 | |
Samba | =3.6.0 | |
Samba | =3.6.1 | |
Samba | =3.6.2 | |
Samba | =3.6.3 | |
Samba | =3.6.4 | |
CVE-2012-2111 has a medium severity rating due to the potential for remote authenticated users to modify the privileges database.
To fix CVE-2012-2111, upgrade Samba to version 3.4.17, 3.5.15, or 3.6.5, or later.
CVE-2012-2111 affects Samba versions 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5.
CVE-2012-2111 allows remote authenticated users to modify the privileges database over an LSA connection and obtain the "take ownership" privilege.
Applying the appropriate updates as soon as possible is recommended to mitigate the risks associated with CVE-2012-2111.