RedHatRHSA-2012:0332(RHSA-2012:0332) Critical: samba security update
EPSS
Percentile
99.5%
Samba is a suite of programs used by machines to share files, printers, and
other information.
An input validation flaw was found in the way Samba handled Any Batched
(AndX) requests. A remote, unauthenticated attacker could send a
specially-crafted SMB packet to the Samba server, possibly resulting in
arbitrary code execution with the privileges of the Samba server (root).
(CVE-2012-0870)
Red Hat would like to thank the Samba team for reporting this issue.
Upstream acknowledges Andy Davis of NGS Secure as the original reporter.
Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the smb service will be restarted automatically.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | s390x | samba-common | <Β 3.0.33-3.38.el5_8 | samba-common-3.0.33-3.38.el5_8.s390x.rpm |
| RedHat | 5 | ia64 | samba-common | <Β 3.0.33-3.29.el5_6.4 | samba-common-3.0.33-3.29.el5_6.4.ia64.rpm |
| RedHat | 4 | i386 | samba-swat | <Β 3.0.33-0.35.el4 | samba-swat-3.0.33-0.35.el4.i386.rpm |
| RedHat | 5 | i386 | samba-swat | <Β 3.0.33-3.29.el5_6.4 | samba-swat-3.0.33-3.29.el5_6.4.i386.rpm |
| RedHat | 5 | i386 | samba | <Β 3.0.33-3.29.el5_6.4 | samba-3.0.33-3.29.el5_6.4.i386.rpm |
| RedHat | 5 | ppc | samba-debuginfo | <Β 3.0.33-3.38.el5_8 | samba-debuginfo-3.0.33-3.38.el5_8.ppc.rpm |
| RedHat | 5 | ppc64 | samba-common | <Β 3.0.33-3.29.el5_6.4 | samba-common-3.0.33-3.29.el5_6.4.ppc64.rpm |
| RedHat | 5 | s390x | samba-swat | <Β 3.0.33-3.29.el5_6.4 | samba-swat-3.0.33-3.29.el5_6.4.s390x.rpm |
| RedHat | 5 | s390x | libsmbclient | <Β 3.0.33-3.29.el5_6.4 | libsmbclient-3.0.33-3.29.el5_6.4.s390x.rpm |
| RedHat | 5 | ia64 | libsmbclient | <Β 3.0.33-3.29.el5_6.4 | libsmbclient-3.0.33-3.29.el5_6.4.ia64.rpm |
Related
