Joined: 12 May 2004
|Posted: Sun Jun 24, 2012 1:26 pm Post subject: [ GLSA 201206-22 ] Samba: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Samba: Multiple vulnerabilities (GLSA 201206-22)
Exploitable: local, remote
Date: June 24, 2012
Bug(s): #290633, #310105, #323785, #332063, #337295, #356917, #382263, #386375, #405551, #411487, #414319
Multiple vulnerabilities have been found in Samba, the worst of
which may allow execution of arbitrary code with root privileges.
Samba is a suite of SMB and CIFS client/server programs.
Vulnerable: < 3.5.15
Unaffected: >= 3.5.15
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Samba. Please review
the CVE identifiers referenced below for details.
A remote attacker could possibly execute arbitrary code with root
privileges, cause a Denial of Service condition, take ownership of shared
files, or bypass file permissions. Furthermore, a local attacker may be
able to cause a Denial of Service condition or obtain sensitive
information in a Samba credentials file.
There is no known workaround at this time.
All Samba users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/samba-3.5.15"
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum