English
Log in
Search
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

HomeDescriptionsSA48976

Samba LSA RPC "take ownership" Privilege Security Bypass Security Issue


Secunia ID

SA48976
CVE-ID

CVE-2012-2111
Release Date

01 May 2012
Criticality

Less Critical
Solution Status

Vendor Patch
Software

Samba 3.x
Where

From local network
Impact
Security Bypass

This covers vulnerabilities or security issues where malicious users or people can bypass certain security mechanisms of the application.

The actual impact varies significantly depending on the design and purpose of the affected application.
Description

A security issue has been reported in Samba, which can be exploited by malicious users to bypass certain security restrictions.

The security issue is caused due to improper application of security checks in the CreateAccount, OpenAccount, AddAccountRights, and RemoveAccountRights remote procedure calls (RPC) within the Local Security Authoriy (LSA). This can be exploited to gain "take ownership" privileges and e.g. change the ownership of arbitrary files and directories on the smdb file server.

The security issue is reported in versions 3.4.x through 3.6.4.
Solution

Apply patch or update to version 3.4.17, 3.5.15, and 3.6.5.
http://www.samba.org/samba/patches/
Reported by

The vendor credits Ivano Cristofolini.
Original Advisory

http://www.samba.org/samba/security/CVE-2012-2111

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

Products

eStore

Threats

Downloads

Support

Partners

About Us

Search

securelist.com

Threats

Analysis

Blog

Descriptions

Glossary

RSS feeds

Contacts

Search